Difference between revisions of "CTF-practice-evening:2013-12-09"

From Technologia Incognita
Jump to: navigation, search
Line 18: Line 18:
  
 
* 7 people present: some programmers, some sysadmins, some security folks
 
* 7 people present: some programmers, some sysadmins, some security folks
 +
* We probably won't start out being very good -- BUT after the CTF events, we should analyse them, so we can improve.
  
 
== Types of evenings ==
 
== Types of evenings ==
Line 31: Line 32:
 
** There's a bunch of them on CTF Time - we should participate!
 
** There's a bunch of them on CTF Time - we should participate!
 
** We can probably also join VUBAR when they are playing here!  (Etienne said that this would probably be okay)
 
** We can probably also join VUBAR when they are playing here!  (Etienne said that this would probably be okay)
 +
** We can also participate in own events, at other times..
  
* We probably won't start out being very good -- BUT after the CTF events, we should analyse them, so we can improve.
 
 
* We could setup a vulnerable server (Damn Vulnerable Linux, etc..) and play with attacking it
 
* We could setup a vulnerable server (Damn Vulnerable Linux, etc..) and play with attacking it

Revision as of 20:50, 9 December 2013

CTF-practice-evening:2013-12-09
Date 2013/12/09
Time
Location Tech Inc
Type Workshop
Contact Melanie

9 December, 2013 - 8 PM

Capture The Flag evening - Part I

We'll start at 8 PM. Please bring along a laptop with you!!!

General CTF Info

See the page for the Ctf-evenings

Notes

  • 7 people present: some programmers, some sysadmins, some security folks
  • We probably won't start out being very good -- BUT after the CTF events, we should analyse them, so we can improve.

Types of evenings

I envision the following kinds of CTF training evenings

  • 1 - Learning evenings - network analysis/forensics (Wireshark), filesystem forensics, reversing/Pwnables(Ollydbg, etc..), code deobfuscation, pentesting (Nessus/Metasploit/stack overflows), cryptology, web security (XSS, SQL injection, etc..), recon/trivia/etc..
    • Example: I've got a whole slew of Wireshark training videos - we can watch them together!
  • 2 - Challenge website evenings
    • I will setup a scoreboard, so we can keep track of who's done which challenges
  • 3 - Actual CTF events
    • There's a bunch of them on CTF Time - we should participate!
    • We can probably also join VUBAR when they are playing here! (Etienne said that this would probably be okay)
    • We can also participate in own events, at other times..
  • We could setup a vulnerable server (Damn Vulnerable Linux, etc..) and play with attacking it