Difference between revisions of "Ctf-evenings"
Line 16: | Line 16: | ||
* 1 - '''Workshop/learning evenings''' - network analysis/forensics ([http://www.wireshark.org Wireshark]), filesystem forensics, reversing([http://www.ollydbg.de Ollydbg], etc..)/Pwnables, code deobfuscation, pen testing ([http://www.kali.org Kali]-[http://www.backtrack-linux.org Backtrack]/[http://www.metasploit.com Metasploit]/buffer overflows), cryptanalysis, web security (XSS, SQL injection, etc..), stegonography, [http://blog.commandlinekungfu.com Commandline kung-fu], recon/trivia/etc.. | * 1 - '''Workshop/learning evenings''' - network analysis/forensics ([http://www.wireshark.org Wireshark]), filesystem forensics, reversing([http://www.ollydbg.de Ollydbg], etc..)/Pwnables, code deobfuscation, pen testing ([http://www.kali.org Kali]-[http://www.backtrack-linux.org Backtrack]/[http://www.metasploit.com Metasploit]/buffer overflows), cryptanalysis, web security (XSS, SQL injection, etc..), stegonography, [http://blog.commandlinekungfu.com Commandline kung-fu], recon/trivia/etc.. | ||
** Example: I've got a whole slew of [https://www.lcuportal2.com/check-out-these-courses.html Wireshark training videos] - we can watch them together! | ** Example: I've got a whole slew of [https://www.lcuportal2.com/check-out-these-courses.html Wireshark training videos] - we can watch them together! | ||
− | ** We could also occasionally screen Defcon/CCC/Shmoocon/etc.. videos on fun topics! | + | ** We could also occasionally screen [http://www.defcon.org Defcon]/CCC/Shmoocon/etc.. videos on fun topics! |
* 2 - '''Challenge website evenings''' | * 2 - '''Challenge website evenings''' |
Revision as of 22:22, 9 December 2013
Projects | |
---|---|
Participants | MRieback |
Skills | |
Status | Active |
Niche | Software |
Purpose | Fun |
Welcome to the Tech Inc Capture the Flag (CTF) training event series!
The format of this series is likely to evolve over time, but I currently assume that these evenings will feature a combination of web-based challenges, online competitions, and general-purpose learning/workshop evenings covering a variety of computer security (i.e. hacking, defensive) topics. Everyone of all skill levels is welcome!!!!
Contents
About the CTF Training Evenings
Types of evenings
I envision the following 3 kinds of CTF training evenings:
- 1 - Workshop/learning evenings - network analysis/forensics (Wireshark), filesystem forensics, reversing(Ollydbg, etc..)/Pwnables, code deobfuscation, pen testing (Kali-Backtrack/Metasploit/buffer overflows), cryptanalysis, web security (XSS, SQL injection, etc..), stegonography, Commandline kung-fu, recon/trivia/etc..
- Example: I've got a whole slew of Wireshark training videos - we can watch them together!
- We could also occasionally screen Defcon/CCC/Shmoocon/etc.. videos on fun topics!
- 2 - Challenge website evenings
- I setup a Scoreboard, so we can keep track of who's done which challenges
- 3 - Actual CTF events
Other things that we can do
- Setup a vulnerable server (Damn Vulnerable Linux, etc..) and attack it
- Preparing for competitions
- Setup Etherpad (or another online "multiplayer notepad") so people can make notes and work together for each challenge
- Preparing tools (Backtrack VM, other VM images with different tools)
- Being able to emulate weird architectures for binaries
- Being able to test shellcode on our own system
- Maybe we can do something with hardware in the space (i have no idea what the status is of VMWare cluster in space, but i think we have one..)
Challenge websites
Link to the Tech Inc Challenge Website Scoreboard: TechInc-CTF-Scoreboard
- http://captf.com/practice-ctf/
- http://www.overthewire.org/wargames/ (Bandit is good for beginners)
- https://www.certifiedsecure.com
- http://io.smashthestack.org
- http://ismellpackets.com/
- http://www.kroosec.com/?m=1
- http://exploit-exercises.com/fusion
- http://exploit-exercises.com/protostar
- http://opensecuritytraining.info/Training.html
- http://www.securitytreasurehunt.com/
- http://forensicscontest.com/
- http://ebctf.nl/challenges