(added a "mentors" section to the individual events) |
m (Fixed the bulletpoints) |
||
| Line 22: | Line 22: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
| Line 33: | Line 33: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-03-19-linux == | == 2022-03-19-linux == | ||
| Line 39: | Line 40: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
* {{U|ytvwld}} | |||
=== topics === | === topics === | ||
* Syscalls | * Syscalls | ||
* Interrupts | * Interrupts | ||
| Line 55: | Line 57: | ||
=== participants === | === participants === | ||
- YOUR NAME HERE | * {{U|ytvwld}} | ||
* - YOUR NAME HERE | |||
== 2022-04-02-buffer-overflow == | == 2022-04-02-buffer-overflow == | ||
| Line 62: | Line 65: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
* Recap: functions (calling conventions) | * Recap: functions (calling conventions) | ||
* Recap: buffers | * Recap: buffers | ||
| Line 72: | Line 76: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-04-16-shellcode == | == 2022-04-16-shellcode == | ||
| Line 78: | Line 83: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
| Line 89: | Line 94: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-04-30-infoleaks == | == 2022-04-30-infoleaks == | ||
| Line 95: | Line 101: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
* How can information be leaked? | * How can information be leaked? | ||
* Why leak information? | * Why leak information? | ||
| Line 103: | Line 110: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-05-14-rop == | == 2022-05-14-rop == | ||
| Line 109: | Line 117: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
* What is the initial problem leading to us ropping? | * What is the initial problem leading to us ropping? | ||
* What is "rop"? | * What is "rop"? | ||
| Line 123: | Line 132: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-05-28-mitigations == | == 2022-05-28-mitigations == | ||
| Line 129: | Line 139: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
* Start at 0, what are the problems? | * Start at 0, what are the problems? | ||
* What mitigations exist (on a high level)? | * What mitigations exist (on a high level)? | ||
| Line 139: | Line 150: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-06-11-reversing == | == 2022-06-11-reversing == | ||
| Line 145: | Line 157: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
* bdgtwy | |||
=== topics === | === topics === | ||
| Line 157: | Line 169: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-06-25-heap-basics == | == 2022-06-25-heap-basics == | ||
| Line 163: | Line 176: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
| Line 174: | Line 187: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-07-09-heap-techniques == | == 2022-07-09-heap-techniques == | ||
| Line 180: | Line 194: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
* What's broken? | * What's broken? | ||
* How do we identify broken stuff? | * How do we identify broken stuff? | ||
| Line 189: | Line 204: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-07-23-race-conditions == | == 2022-07-23-race-conditions == | ||
| Line 195: | Line 211: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
* What are race conditions? | * What are race conditions? | ||
* Where do they arise? | * Where do they arise? | ||
| Line 206: | Line 223: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-08-06-fuzzing == | == 2022-08-06-fuzzing == | ||
| Line 212: | Line 230: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
* {{U|maride}} | |||
=== topics === | === topics === | ||
* What is fuzzing? | * What is fuzzing? | ||
* Why fuzz stuff | * Why fuzz stuff | ||
| Line 224: | Line 243: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-08-20-kernel-security == | == 2022-08-20-kernel-security == | ||
| Line 230: | Line 250: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
=== topics === | === topics === | ||
* What is the kernel? | * What is the kernel? | ||
* How can we interact with it? | * How can we interact with it? | ||
| Line 240: | Line 261: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-09-03-symbolic-execution == | == 2022-09-03-symbolic-execution == | ||
| Line 246: | Line 268: | ||
=== Mentors === | === Mentors === | ||
* {{U|hanemile}} | |||
* {{U|barbieauglend}} | |||
=== topics === | === topics === | ||
* What is symbolic execution? | * What is symbolic execution? | ||
* Into: z3 | * Into: z3 | ||
| Line 256: | Line 280: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
== 2022-09-17-automated-program-analysis == | == 2022-09-17-automated-program-analysis == | ||
| Line 265: | Line 290: | ||
=== participants === | === participants === | ||
* YOUR NAME HERE | |||
Revision as of 23:46, 23 February 2022
| CTF foo | |
|---|---|
| Capture The Flag foo | |
| Art | Meet-Up |
| Datum | every other saturday |
| Start | 14:00 |
| Host | hanemile
|
| Relevant? | Yes |
Every two weeks on Saturday from 14:00 - no limit
We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.
Topics
Got a topic you'd wish we go over? Put it here:
- YOUT TOPIC HERE
2022-03-05-assembly-basics
Mentors
topics
- Memory
- Register
- "code" (Assembly)
- Functions (calling conventions)
- Buffers
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-03-19-linux
Mentors
topics
- Syscalls
- Interrupts
- Kernel
- Process
- Init
- Boot process
- Filesystems
- Permissions
- Uid, Gid
- ... (add stuff here that might fit here)
participants
- ytvwld
- - YOUR NAME HERE
2022-04-02-buffer-overflow
Mentors
topics
- Recap: functions (calling conventions)
- Recap: buffers
- What do we overwrite?
- What implications can overwriting data have?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-04-16-shellcode
Mentors
topics
- What is shellcode?
- Why learn to do stuff with it?
- What can we do with it?
- What problems might arise?
- How can we solve the problems that arise?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-04-30-infoleaks
Mentors
topics
- How can information be leaked?
- Why leak information?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-05-14-rop
Mentors
topics
- What is the initial problem leading to us ropping?
- What is "rop"?
- Why "rop"?
- Recap: buffer-overflow
- Recap: infoleaks
- How can we leak foo using rop?
- How can we find more gadgets?
- How can we pop a shell?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-05-28-mitigations
Mentors
topics
- Start at 0, what are the problems?
- What mitigations exist (on a high level)?
- For each problem, what mitigation solves the problem?
- How can we bypass the mitigations?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-06-11-reversing
Mentors
- hanemile
- bdgtwy
topics
- What is reversing?
- How do we reverse?
- What tools to we use?
- What should be looked at in more detail?
- Qiling
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-06-25-heap-basics
Mentors
topics
- What primitives exist?
- How do they work?
- How to read the "docs" (aka. glibc code)
- How to inspect the heap
- Getting comfy with debugging hooks
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-07-09-heap-techniques
Mentors
topics
- What's broken?
- How do we identify broken stuff?
- How do we break it?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-07-23-race-conditions
Mentors
topics
- What are race conditions?
- Where do they arise?
- How can we identify them?
- How con we exploit them?
- TOCTOU
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-08-06-fuzzing
Mentors
topics
- What is fuzzing?
- Why fuzz stuff
- How to fuzz stuff
- Concept (Mutation, Coverage, Snapshots, ...)
- Harnessing a target, what to look out for
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-08-20-kernel-security
Mentors
topics
- What is the kernel?
- How can we interact with it?
- What might break?
- How can we break it?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-09-03-symbolic-execution
Mentors
topics
- What is symbolic execution?
- Into: z3
- Intro: angr
- Problems: Path explosion
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-09-17-automated-program-analysis
topics
- What can be automated?
- What can't be automated? (and why not?)
participants
- YOUR NAME HERE