Fedora Red Team meeting 3 November 2017

Agenda

• State of the SIG
  • Reminder that SIG page is at https://fedoraproject.org/wiki/SIGs/Red_Team
  • ELEM continuing to mature
  • CTL alpha code posted with some results
  • Red Team SDK
  • New members and community +1s
• Active projects
  • SDK
    • Helper and common functions
    • Trying to make it useful generally for red teamers
  • ELEM - Enterprise Linux Exploit Mapper
    • Demoed at Defense in Depth 2017
    • Exploit curation crowdsourcing (Trello board) now being populated by SDK, needs work
  • CTL
    • Alpha code posted
    • Buggy, but being tracked in issues
    • Initial results posted
    • Work to be done before beta
      • Reliability
      • Function scoring
      • Branch frequency counter
      • Average function length
      • Distribution
  • PTES
    • Needs to be pursued, using internally for planning
  • Reference Architectures
    • Internal copy exists, need to prep for release
    • Action for this month
  • Pen tests
    • Eclipse Foundation
    • Looking for other clients who would like a pen test so we can better update PTES
• Team to-do
  • Order swag, looking for recommendations, probably hats (outstanding)
  • Need to get team calendar set up (done!)
  • Better document ELEM (outstanding)
  • Add more instructions to Trello for curation crowdsourcing (done!)