diff --git a/config/_default/languages.yaml b/config/_default/languages.yaml
index bfd2cb5..7ba2923 100644
--- a/config/_default/languages.yaml
+++ b/config/_default/languages.yaml
@@ -52,7 +52,7 @@ en:
 name: "NECCDC 2026"
 url: "/history/2026/"
 weight: 4
-
+
 - identifier: "history"
 name: "History"
 url: "/history/"
diff --git a/content/en/docs/_index.md b/content/en/docs/_index.md
index 17197fc..5d3c07b 100644
--- a/content/en/docs/_index.md
+++ b/content/en/docs/_index.md
@@ -3,11 +3,5 @@ title: "Docs"
 description: "Lander for NECCDL Resources"
 ---
-## NECCDL
-
-- [Discord Verification](discord-verification)
-
-## NECCDC
-
-- [Incident Report Template](files/IncidentReportTemplate.pdf)
-- [Red Team Advice](red_team_advice)
+Work in progress lander for NECCDC resource.
+If you have any sugesstions please open an issue or submit a PR.
diff --git a/content/en/docs/neccdc/_index.md b/content/en/docs/neccdc/_index.md
new file mode 100644
index 0000000..e2412bd
--- /dev/null
+++ b/content/en/docs/neccdc/_index.md
@@ -0,0 +1,7 @@
+---
+title: "NECCDC"
+description: "Resource on getting started competing at NECCDC"
+type: midlist
+---
+
+- [Discord Verification](discord-verification)
diff --git a/content/en/docs/discord-verification/index.md b/content/en/docs/neccdc/discord-verification/index.md
similarity index 97%
rename from content/en/docs/discord-verification/index.md
rename to content/en/docs/neccdc/discord-verification/index.md
index 8524f33..5baf632 100644
--- a/content/en/docs/discord-verification/index.md
+++ b/content/en/docs/neccdc/discord-verification/index.md
@@ -1,8 +1,7 @@
 ---
 title: "Discord Verification"
 description: "How to verify your account on the NECCDL Discord server"
-_build:
- list: never
+includeInList: false
 ---
 As a measure to reduce spam, NECCDL requires all participants to verify their Discord accounts before being allowed into the general NECCDL Discord server.
diff --git a/content/en/docs/red-team/_index.md b/content/en/docs/red-team/_index.md
new file mode 100644
index 0000000..1167721
--- /dev/null
+++ b/content/en/docs/red-team/_index.md
@@ -0,0 +1,9 @@
+---
+title: "Red Team"
+description: "NECCDC red team resources"
+type: midlist
+---
+
+- [Incident Response Report Template](files/IncidentResponseReportTemplate.pdf)
+- [Red Team Advice](red-team-advice)
+- [Sample Incident Response Report](sample-ir)
diff --git a/content/en/docs/files/IncidentReportTemplate.pdf b/content/en/docs/red-team/files/IncidentResponseReportTemplate.pdf
similarity index 100%
rename from content/en/docs/files/IncidentReportTemplate.pdf
rename to content/en/docs/red-team/files/IncidentResponseReportTemplate.pdf
diff --git a/content/en/docs/red_team_advice/index.md b/content/en/docs/red-team/red-team-advice/index.md
similarity index 99%
rename from content/en/docs/red_team_advice/index.md
rename to content/en/docs/red-team/red-team-advice/index.md
index d70c26f..47a45fa 100644
--- a/content/en/docs/red_team_advice/index.md
+++ b/content/en/docs/red-team/red-team-advice/index.md
@@ -1,8 +1,7 @@
 ---
 title: "NECCDC Red Team Advice"
-description: "TODO"
-_build:
- list: never
+description: ""
+includeInList: false
 ---
 ## Incident Reports can help win back points, but only if they are good!
diff --git a/content/en/docs/red-team/sample-ir/index.md b/content/en/docs/red-team/sample-ir/index.md
new file mode 100644
index 0000000..a81a804
--- /dev/null
+++ b/content/en/docs/red-team/sample-ir/index.md
@@ -0,0 +1,19 @@
+---
+title: "Sample IR Report"
+description: ""
+includeInList: false
+---
+
+## Executive Summary
+On January 31st, the organization identified a security incident involving the compromise of our Windows Domain Controller, a critical system responsible for authentication, authorization, and identity management across our enterprise.
+Due to the central role of this system, the incident was treated as a high severity event and we escalated response immediately.
+Initial investigation determined that an unauthorized actor gained Administrator access to the Windows Domain Controller and installed malicious software. The malicious software can only cause a denial of service to our enterprise environment due to the capability to continually reboot the Domain Controller.
+However, the attacker had the potential to access or manipulate user accounts, group policies, and authentication mechanisms across the domain.
+At this time, there is no evidence of data exfiltration or persistent lateral movement beyond the affected systems, but forensic research is still ongoing.
+Upon detection, the Incident Response team executed containment actions, including removing the malicious software from affected systems, revoking compromised credentials, and restricting domain access to prevent further unauthorized activity. A full forensic analysis was initiated to determine the scope, timeline, and impact of the compromise.
+We will continue to pursue remediation according to our Incident Response Plan for this type of event which will include:
+
+Mandatory password resets for all domain accounts, review and cleanup of privileged access, validation of Group Policy Objects, and deployment of additional monitoring and detection capabilities.
+Relevant stakeholders were notified, and the incident was handled in accordance with internal security policies. Regulatory disclosures will occur as required.
+The organization successfully contained the incident, restored normal operations, and implemented corrective actions to reduce the likelihood of recurrence.
+A post-incident review is underway to address root causes, improve security posture, and enhance detection and response capabilities moving forward.
diff --git a/content/en/docs/white-team/_index.md b/content/en/docs/white-team/_index.md
new file mode 100644
index 0000000..f1219a3
--- /dev/null
+++ b/content/en/docs/white-team/_index.md
@@ -0,0 +1,5 @@
+---
+title: "White Team"
+description: "NECCDC white team resources"
+type: midlist
+---
diff --git a/content/en/sponsor/index.md b/content/en/sponsor/index.md
index 2fd06f9..f53aa3f 100644
--- a/content/en/sponsor/index.md
+++ b/content/en/sponsor/index.md
@@ -1,7 +1,6 @@
 ---
 title: "Sponsor"
 description: The Northeast Collegiate Cyber Defense League would not be possible without our generous support from out sponsors
-includeInList: false
 date: 1970-01-01
 ---
diff --git a/i18n/en.yaml b/i18n/en.yaml
index 6d1b33e..bc3c289 100644
--- a/i18n/en.yaml
+++ b/i18n/en.yaml
@@ -1,4 +1,5 @@
 # Information for the landing page
+breadcrumb_home: Home
 hero1:
 other: Northeast
 hero2.1:
@@ -42,7 +43,7 @@ Megabyte-symbol:
 neccdcYearlyParticipants:
 other: 130+
 neccdcStudents:
- other: "2750"
+ other: "2830"
 neccdcInstitutions:
 other: "35"
 neccdcRunningYears:
diff --git a/layouts/_default/baseof.html b/layouts/_default/baseof.html
new file mode 100644
index 0000000..3bd5069
--- /dev/null
+++ b/layouts/_default/baseof.html
@@ -0,0 +1,31 @@ + + + {{- partial "head.html" . -}} + 
+ {{- partial "accessibility.html" . -}} + {{- partial "header.html" . -}} + +{{ .Description }}
+