Difference between revisions of "CTF-practice-evening:2013-12-09"

From Technologia Incognita
Jump to: navigation, search
Line 22: Line 22:
  
 
I envision the following kinds of CTF training evenings
 
I envision the following kinds of CTF training evenings
* 1 - Learning evenings - Wireshark, forensics/reversing (Ollydbg), pentesting (Nessus/Metasploit/stack overflows), cryptology
+
* 1 - Learning evenings - network analysis/forensics (Wireshark), filesystem forensics, reversing(Ollydbg), code deobfuscation, pentesting (Nessus/Metasploit/stack overflows), cryptology, web security (XSS, SQL injection, etc..)
 
** I've got a whole slew of Wireshark training videos - we can watch them together!
 
** I've got a whole slew of Wireshark training videos - we can watch them together!
  

Revision as of 20:46, 9 December 2013

CTF-practice-evening:2013-12-09
Date 2013/12/09
Time
Location Tech Inc
Type Workshop
Contact Melanie

9 December, 2013 - 8 PM

Capture The Flag evening - Part I

We'll start at 8 PM. Please bring along a laptop with you!!!

General CTF Info

See the page for the Ctf-evenings

Notes

  • 7 people present: some programmers, some sysadmins, some security folks

Types of evenings

I envision the following kinds of CTF training evenings

  • 1 - Learning evenings - network analysis/forensics (Wireshark), filesystem forensics, reversing(Ollydbg), code deobfuscation, pentesting (Nessus/Metasploit/stack overflows), cryptology, web security (XSS, SQL injection, etc..)
    • I've got a whole slew of Wireshark training videos - we can watch them together!
  • 2 - Challenge website evenings
    • I will setup a scoreboard, so we can keep track of who's done which challenges
  • 3 - Actual CTF events
    • There's a bunch of them on CTF Time - we should participate!
    • We can probably also join VUBAR when they are playing here! (Etienne said that this would probably be okay)
  • We probably won't start out being very good -- BUT after the CTF events, we should analyse them, so we can improve.
  • We could setup a vulnerable server (Damn Vulnerable Linux, etc..) and play with attacking it