Welcome to the Tech Inc Capture the Flag (CTF) training event series!

The format of this series is likely to evolve over time, but I currently assume that these evenings will feature a combination of web-based challenges, online competitions, and general-purpose learning/workshop evenings covering a variety of computer security (i.e. hacking, defensive) topics. Everyone of all skill levels is welcome!!!!

About the CTF Training Evenings

Types of evenings

I envision the following 3 kinds of CTF training evenings:

• 1 - Workshop/learning evenings - network analysis/forensics (Wireshark), filesystem forensics, reversing(Ollydbg, etc..)/Pwnables, code deobfuscation, pen testing (Kali-Backtrack/Metasploit/buffer overflows), cryptanalysis, web security (XSS, SQL injection, etc..), stegonography, Commandline kung-fu, recon/trivia/etc..
  • Example: I've got a whole slew of Wireshark training videos - we can watch them together!
  • We could also occasionally screen Defcon/CCC/Shmoocon/etc.. videos on fun topics!

• 2 - Challenge website evenings
  • I setup a Scoreboard, so we can keep track of who's done which challenges

• 3 - Actual CTF events
  • There's a bunch of them on CTF Time - we should participate!
  • We can probably also join VUBAR when they are playing here! (Brainsmoke said that this would probably be okay)
  • We can also participate in own events, at other times..

Other things that we can do

• Setup a vulnerable server (Damn Vulnerable Linux, etc..) and attack it
• Preparing for competitions
  • Setup etherpad (or another online "multiplayer notepad") so people can make notes and work together for each challenge
  • Preparing tools (Backtrack VM, other VM images with different tools)
  • Being able to emulate weird architectures for binaries
  • Being able to test shellcode on our own system
  • Maybe we can do something with hardware in the space (i have no idea what the status is of vmware cluster in space, but i think we have one..)

Challenge websites

Link to the Tech Inc Challenge Website Scoreboard: TechInc-CTF-Scoreboard

• http://captf.com/practice-ctf/
• http://www.overthewire.org/wargames/ (Bandit is good for beginners)
• https://www.certifiedsecure.com
• http://io.smashthestack.org
• http://ismellpackets.com/
• http://www.kroosec.com/?m=1
• http://exploit-exercises.com/fusion
• http://exploit-exercises.com/protostar
• http://opensecuritytraining.info/Training.html
• http://www.securitytreasurehunt.com/
• http://forensicscontest.com/
• http://ebctf.nl/challenges

Other stuff

• http://ctftime.org/ - Event listings and write-ups
• http://hackflag.org/forum/
• http://sysexit.wordpress.com/category/writeups/
• http://www.hackers.nl/about/introduktie/
• http://www.enigmagroup.org/pages/basics/