Difference between revisions of "Ctf-evenings"
| Line 27: | Line 27: | ||
== Other things that we can do == | == Other things that we can do == | ||
| − | * | + | * Setup a vulnerable server (Damn Vulnerable Linux, etc..) and attack it |
= Challenge websites = | = Challenge websites = | ||
Revision as of 22:14, 9 December 2013
| Projects | |
|---|---|
| Participants | MRieback |
| Skills | |
| Status | Active |
| Niche | Software |
| Purpose | Fun |
Welcome to the Tech Inc Capture the Flag (CTF) training event series!
The format of this series is likely to evolve over time, but I currently assume that these evenings will feature a combination of online challenges and/or competitions, and general-purpose training evenings covering a variety of computer security (especially hacking and defensive) topics. Everyone of all skill levels is welcome!!!!
Contents
About the CTF Training Evening
Types of evenings
I envision the following 3 kinds of CTF training evenings:
- 1 - Learning evenings - network analysis/forensics (Wireshark), filesystem forensics, reversing/Pwnables(Ollydbg, etc..), code deobfuscation, pentesting (Nessus/Metasploit/stack overflows), cryptology, web security (XSS, SQL injection, etc..), stenography, Commandline kung-fu, recon/trivia/etc..
- Example: I've got a whole slew of Wireshark training videos - we can watch them together!
- 2 - Challenge website evenings
- I setup a scoreboard, so we can keep track of who's done which challenges
- 3 - Actual CTF events
- There's a bunch of them on CTF Time - we should participate!
- We can probably also join VUBAR when they are playing here! (Etienne said that this would probably be okay)
- We can also participate in own events, at other times..
Other things that we can do
- Setup a vulnerable server (Damn Vulnerable Linux, etc..) and attack it
Challenge websites
Link to the Tech Inc Challenge Website Scoreboard: TechInc-CTF-Scoreboard
- http://captf.com/practice-ctf/
- http://www.overthewire.org/wargames/ (Bandit is good for beginners)
- https://www.certifiedsecure.com
- http://io.smashthestack.org
- http://ismellpackets.com/
- http://www.kroosec.com/?m=1
- http://exploit-exercises.com/fusion
- http://exploit-exercises.com/protostar
- http://opensecuritytraining.info/Training.html
- http://www.securitytreasurehunt.com/
- http://forensicscontest.com/
- http://ebctf.nl/challenges
