Welcome to the Tech Inc Capture the Flag (CTF) training event series!

The format of this series is likely to evolve over time, but I currently assume that these evenings will feature a combination of web-based challenges, online competitions, and general-purpose learning/workshop evenings covering a variety of computer security (i.e. hacking, defensive) topics. Everyone of all skill levels is welcome!!!!

Our current schedule is a meeting at techinc every first monday of the month, we also try to do a ctf event every 1/2 months.

Training Evenings

Upcoming

• July 14 - Dimitris (Volatility)
• August 4 - Brainsmoke (Binary exploitation walkthrough)
• August 11 - Melanie (wargame or video - TBD)
• August 25 - Hitcon Retrospective

• By default, Melanie will fill in the weeks that aren't taken by anybody else

Past

• 7 July, 2014 - Pwnium CTF Retrospective (via Dimitris)
• 30 June, 2014 - Intro to Cuckoo Sandbox
• 23 June, 2014 - PHP Filter Attacks (via Coolfire)
• 9 June, 2014 - Hack in the Box Retrospective (+Leviathan continued)
• 12 May, 2014 - Leviathan wargame (OverTheWire)
• 28 April, 2014 - Intro to x86 Assembly, Part 2
• 14 April, 2014 - Intro to Metasploit
• 6 April, 2014 - CTF-related video marathon
• 31 March, 2014 - Cryptanalysis + OTW Krypton war-game
• 24 March, 2014 - Binary exploitation + Codegate Minibomb walkthrough
• 3 March, 2014 - Hack in the Box (HitB) Teaser CTF
• 24 February, 2014 - Intro to x86 disassembly
• 10 February, 2014 - IDB challenge @ Certified Secure
• 3 February, 2014 - Burp Suite and SQLmap
• 27 January, 2014 - PhDays retrospective + walkthroughs
• 13 January, 2014 - Intro to web hacking + Certified Secure
• 6 January, 2014 - Wireshark Jumpstart 101 + GitS teaser (Armorall - VNC pcap)
• 23 December, 2013 - Levels 1/2 @ I/O Smash the Stack
• 9 December, 2013 - UNIX + OTW Bandit wargame

Competitions

• We compete occasionally as Team Knuffelhackers!
• And we occasionally partner w/ team VUBAR

Upcoming

• HITCon - Aug 16-18 (Team Knuffelhackers)

Past

• Pwnium - July 4-5 (Team Knuffelhackers)
• Hack in the Box - May 28-30 (Various teams)
• Plaid CTF - 11-13 April, 2014 (Team Knuffelhackers)
• Hack in the Box (HitB) Teaser - 3-4 March, 2014 (Team Knuffelhackers) - 4th place
• Codegate Preliminaries - 22-23 February, 2014 (Team Knuffelhackers)
• Olympic CTF Sochi - 7-9 February, 2014 (w/ Team VUBAR)
• Positive Hack Days Qualifiers 2014 - 25-27 January, 2014 (Team Knuffelhackers)
• RuCTFe 2013 - 14 December, 2013 (w/ Team VUBAR)
• UCSB iCTF 2013 - 6-7 December, 2013 (w/ Team VUBAR)

Write-ups

CTF:Writeup-Olympic-CTF-Sochi-2014

About the CTF Training Evenings

Types of evenings

I envision the following 3 kinds of CTF training evenings:

• 1 - Workshop/learning evenings - network analysis/forensics (Wireshark), filesystem forensics, reversing(Ollydbg, etc..)/Pwnables, code deobfuscation, pen testing (Kali-Backtrack/Metasploit/buffer overflows), cryptanalysis, web security (XSS, SQL injection, etc..), stegonography, Commandline kung-fu, recon/trivia/etc..
  • Example: I've got a whole slew of Wireshark training videos - we can watch them together!
  • We could also occasionally screen Defcon/CCC/Other videos on fun topics!

• 2 - Challenge website evenings
  • I setup a Scoreboard, so we can keep track of who's done which challenges

• 3 - Actual CTF events
  • There's a bunch of them on CTF Time - we participate occasionally!

Other things that we can do

• Setup a vulnerable server (Damn Vulnerable Linux, Metasploitable, etc..) and attack it
  • Other examples: http://exploit-exercises.com/
• Preparing for competitions
  • Setup Etherpad (or another online "multiplayer notepad") so people can make notes and work together for each challenge
    • We're currently using: Riseup Pad
  • Preparing tools (Backtrack VM, other VM images with different tools)
  • Being able to emulate weird architectures for binaries
  • Being able to test shellcode on our own system
  • Maybe we can do something with hardware in the space (i have no idea what the status is of VMWare cluster in space, but i think we have one..)
• Brainsmoke could talk about binary exploitation
  • We can also look at gdb / objdump / IDA / Hex-Rays

Challenge websites

Link to the Tech Inc Challenge Website Scoreboard: TechInc-CTF-Scoreboard

• http://captf.com/practice-ctf/
• http://ctf.forgottensec.com/wiki/
• http://www.overthewire.org/wargames/ (Bandit is good for beginners)
• https://www.certifiedsecure.com
• http://io.smashthestack.org
• http://ismellpackets.com/
• http://www.kroosec.com/?m=1
• http://exploit-exercises.com/fusion
• http://exploit-exercises.com/protostar
• http://opensecuritytraining.info/Training.html
• http://www.securitytreasurehunt.com/
• http://forensicscontest.com/
• http://ebctf.nl/challenges
• http://sourceforge.net/projects/owaspshepherd/files/ - VM
• http://www.hackthissite.org
• https://microcorruption.com/ - Embedded hacking
• http://www.bright-shadows.net
• http://www.matasano.com/articles/crypto-challenges/ - crypto challenges

Reversing and Exploitation

• http://coolfire.insomnia247.nl/BMA/X86_Win32_Reverse_Engineering_Cheat_Sheet.pdf - x86 reverse engineering cheat sheet
• GDB Tips - Some beginning tips for how to use GDB
• https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Coding+Standard - Helpful for finding C constructs that can be exploited
• http://sourceware.org/gdb/current/onlinedocs/gdb/index.html - GDB manual
• http://sourceware.org/binutils/docs-2.24/binutils/index.html - GNU Binutils manual
• http://www.youtube.com/watch?v=gYOy7CGpPIU - The Making of Atlas: from Script Kiddie to Hacker in 5 Sleepless Nights (video)
• Hacking: The Art of Exploitation (book)
• Reversing: Secrets of Reverse Engineering (book)
• http://www.woodmann.com/fravia/howto1.htm
• http://www.woodmann.com/crackz/Orc.htm
• Python Exploit Development Assistance
• Online Dissassembler
• Ropshell.com

Tools: objdump, readelf, gdb, ktrace/kdump

Windows binaries

• http://innounp.sourceforge.net - Inno Setup Unpacker
• OllyDbg
• Ida Free

UNIX hacking

• Log into Linux without a PW

Web hacking

• https://www.owasp.org/index.php/Category:Attack
• https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
• https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
• http://w3schools.com
• http://yehg.net/lab/#toolbox
• https://hackvertor.co.uk/public
• Burp Suite
• fuzzdb
• Nikto
• http://www.irongeek.com/i.php?page=videos/web-pen-testing-workshop - Nice series of videos

Network challenges

• For VNC: rfbproxy / Rfbplayer
• chaosreader

Steganography

• http://www.jjtc.com/Steganography/tools.html
• http://www.slideshare.net/null0x00/nullcon-2010-steganography-stegananalysis-a-technical-psychological-perspective
• http://sox.sourceforge.net - Sound eXchange (audio "swiss army knife")
• http://spek.cc - Spek spectrum analyzer
• Audacity
• SDRsharp

Forensics

• File Signatures Table, File Signatures.net, DF Magic Numbers - File format signatures

Crypto

Cryptanalysis

• http://www.simonsingh.net/The_Black_Chamber/chamberguide.html
• http://www.cryptool-online.org/index.php?option=com_content&view=article&id=55&Itemid=53&lang=en
• http://luizfirmino.blogspot.nl/2011/10/cryptanalysis-tools.html
• http://www.matasano.com/articles/crypto-challenges/

Cracking

• http://hashcat.net/oclhashcat/ - Hashcat

Setting up a CTF

• http://ictf.cs.ucsb.edu/software.html
• http://www.cipher-ctf.org/Gameserver.php

Other stuff

• http://ctftime.org/ - Event listings and write-ups
• http://hackflag.org/forum/
• http://sysexit.wordpress.com/category/writeups/
• http://www.hackers.nl/about/introduktie/
• http://www.enigmagroup.org/pages/basics/
• http://shell-storm.org/repo/CTF/ - Archive of previous CTFs
• http://mitrecyberacademy.org/stem/moodle/course/view.php?id=13
• http://opensecuritytraining.info/Training.html
• http://www.irongeek.com/i.php?page=security/hackingillustrated