To get the most out of the RedELK workshop we recommend bringing the following:
- A government-issued ID containing your full name. We need this to verify your name before we can give you access to a lab with export-controlled goods, namely Outflank's OST Stage 1 C2 and Cobalt Strike.
- A laptop with a Chromium-based browser. You use this to connect to your lab environment. Chromium-based browsers work best with the Guacamole setup of the lab.
- Pre-generated API keys so you can test with RedELK's online hash check capability (one is OK, but more is better):
  - VirusTotal, more info at https://support.virustotal.com/hc/en-us/articles/115002088769-Please-give-me-an-API-key
  - IBM X-Force, more info at https://www.ibm.com/docs/en/qns/5.4.0?topic=integration-obtaining-api-key-password
  - Hybrid Analysis, more info at https://www.hybrid-analysis.com/docs/api/v2
- Optional: an email address and connection settings that you can use for receiving alarms via email