Ctf-foo: Difference between revisions

From Chaosdorf Wiki
(→‎participants: Fixed the formatting)
Tags: mobile edit mobile web edit
(Removed the event from this page, as it exists in the individual event pages for the according days. It shouldn't appear in the calendar duplicated now.)
 
(16 intermediate revisions by 6 users not shown)
Line 1: Line 1:
{{Event
An event focused on "Capture the Flag" Events. The main point here is to get people into the security field in a welcoming way and provide a space for interested people to exchange knowledge.
|Title=CTF foo
|Description=Capture The Flag foo
|Type=Meet-Up
|Date=every other saturday
|Start=14:00
|Host=hanemile
|isRelevant=Yes
}}


Every two weeks on Saturday from 14:00 - no limit
The individual events which take place every two weeks at 14:00 and have a dedicated topic, but we're also quite flexible and can look into other stuff (So if you've got a topic you might be interested in, bring it up!).


We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.
We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.


=== Topics ===
If you've got anything regarding the event, just ping {{U|hanemile}}.
Got a topic you'd wish we go over? Put it here:


* YOUT TOPIC HERE
Here's a list of the past events giving you a brief idea on what we're doing:


== 2022-03-05-assembly-basics ==
{{#ask:
 
  [[has title::CTF foo]]
=== Mentors ===
  [[Category:Events]]
 
  |?has description
* {{U|hanemile}}
  |sort=Has Date
 
  |order=ascending
=== topics ===
  |format=datatable
* Memory
}}
* Register
* "code" (Assembly)
* Functions (calling conventions)
* Buffers
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
* awh4ck3r / keiffrichards@gmail.com
* Spectranis
 
== 2022-03-19-linux ==
 
=== Mentors ===
 
* {{U|hanemile}}
* {{U|ytvwld}}
 
=== topics ===
 
* Syscalls
* Interrupts
* Kernel
* Process
* Init
* Boot process
* Filesystems
* Permissions
* Uid, Gid
* ... (add stuff here that might fit here)
 
=== participants ===
 
* {{U|ytvwld}}
* - YOUR NAME HERE
 
== 2022-04-02-buffer-overflow ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* Recap: functions (calling conventions)
* Recap: buffers
* What do we overwrite?
* What implications can overwriting data have?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-04-16-shellcode ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
* What is shellcode?
* Why learn to do stuff with it?
* What can we do with it?
* What problems might arise?
* How can we solve the problems that arise?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-04-30-infoleaks ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* How can information be leaked?
* Why leak information?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-05-14-rop ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* What is the initial problem leading to us ropping?
* What is "rop"?
* Why "rop"?
* Recap: buffer-overflow
* Recap: infoleaks
* How can we leak foo using rop?
* How can we find more gadgets?
* How can we pop a shell?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-05-28-mitigations ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* Start at 0, what are the problems?
* What mitigations exist (on a high level)?
* For each problem, what mitigation solves the problem?
* How can we bypass the mitigations?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-06-11-reversing ==
 
=== Mentors ===
 
* {{U|hanemile}}
* bdgtwy
 
=== topics ===
* What is reversing?
* How do we reverse?
* What tools to we use?
* What should be looked at in more detail?
* Qiling
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-06-25-heap-basics ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
* What primitives exist?
* How do they work?
* How to read the "docs" (aka. glibc code)
* How to inspect the heap
* Getting comfy with debugging hooks
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-07-09-heap-techniques ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* What's broken?
* How do we identify broken stuff?
* How do we break it?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-07-23-race-conditions ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* What are race conditions?
* Where do they arise?
* How can we identify them?
* How con we exploit them?
* TOCTOU
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-08-06-fuzzing ==
 
=== Mentors ===
 
* {{U|hanemile}}
* {{U|maride}}
 
=== topics ===
 
* What is fuzzing?
* Why fuzz stuff
* How to fuzz stuff
* Concept (Mutation, Coverage, Snapshots, ...)
* Harnessing a target, what to look out for
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-08-20-kernel-security ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* What is the kernel?
* How can we interact with it?
* What might break?
* How can we break it?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-09-03-symbolic-execution ==
 
=== Mentors ===
 
* {{U|hanemile}}
* {{U|barbieauglend}}
 
=== topics ===
 
* What is symbolic execution?
* Into: z3
* Intro: angr
* Problems: Path explosion
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-09-17-automated-program-analysis ==
 
=== topics ===
* What can be automated?
* What can't be automated? (and why not?)
 
=== participants ===
 
* YOUR NAME HERE

Latest revision as of 18:42, 31 March 2022

An event focused on "Capture the Flag" Events. The main point here is to get people into the security field in a welcoming way and provide a space for interested people to exchange knowledge.

The individual events which take place every two weeks at 14:00 and have a dedicated topic, but we're also quite flexible and can look into other stuff (So if you've got a topic you might be interested in, bring it up!).

We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.

If you've got anything regarding the event, just ping hanemile.

Here's a list of the past events giving you a brief idea on what we're doing:

 Has description
Ctf-foo/2022-03-05Assembly Basics
Ctf-foo/2022-03-19Linux
Ctf-foo/2022-04-02Cryptography
Ctf-foo/2022-04-16Shellcode
Ctf-foo/2022-05-07Infoleaks
Ctf-foo/2022-05-14Return Oriented Programming
Ctf-foo/2022-05-28Mitigations
Ctf-foo/2022-06-11Reversing
Ctf-foo/2022-06-25Heap basics
Ctf-foo/2022-07-09Heap techniques
Ctf-foo/2022-07-23Race Conditions
Ctf-foo/2022-08-06Fuzzing
Ctf-foo/2022-08-20Kernel Security
Ctf-foo/2022-09-03Symbolic execution