|
|
| (18 intermediate revisions by 7 users not shown) |
| Line 1: |
Line 1: |
| {{Event
| | An event focused on "Capture the Flag" Events. The main point here is to get people into the security field in a welcoming way and provide a space for interested people to exchange knowledge. |
| |Title=CTF foo
| |
| |Description=Capture The Flag foo
| |
| |Type=Meet-Up
| |
| |Date=every other saturday
| |
| |Start=14:00
| |
| |Host=hanemile
| |
| |isRelevant=Yes
| |
| }}
| |
|
| |
|
| Every two weeks on Saturday from 14:00 - no limit
| | The individual events which take place every two weeks at 14:00 and have a dedicated topic, but we're also quite flexible and can look into other stuff (So if you've got a topic you might be interested in, bring it up!). |
|
| |
|
| We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills. | | We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills. |
|
| |
|
| === Topics ===
| | If you've got anything regarding the event, just ping {{U|hanemile}}. |
| Got a topic you'd wish we go over? Put it here:
| |
|
| |
|
| * YOUT TOPIC HERE
| | Here's a list of the past events giving you a brief idea on what we're doing: |
|
| |
|
| == 2022-03-05-assembly-basics ==
| | {{#ask: |
| | | [[has title::CTF foo]] |
| === Mentors ===
| | [[Category:Events]] |
| | | |?has description |
| * {{U|hanemile}}
| | |sort=Has Date |
| | | |order=ascending |
| === topics ===
| | |format=datatable |
| * Memory
| | }} |
| * Register
| |
| * "code" (Assembly)
| |
| * Functions (calling conventions)
| |
| * Buffers
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| Spectranis
| |
| | |
| == 2022-03-19-linux ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| * {{U|ytvwld}}
| |
| | |
| === topics ===
| |
| | |
| * Syscalls
| |
| * Interrupts
| |
| * Kernel
| |
| * Process
| |
| * Init
| |
| * Boot process
| |
| * Filesystems
| |
| * Permissions
| |
| * Uid, Gid
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * {{U|ytvwld}}
| |
| * - YOUR NAME HERE
| |
| | |
| == 2022-04-02-buffer-overflow ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| | |
| * Recap: functions (calling conventions)
| |
| * Recap: buffers
| |
| * What do we overwrite?
| |
| * What implications can overwriting data have?
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-04-16-shellcode ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| * What is shellcode?
| |
| * Why learn to do stuff with it?
| |
| * What can we do with it?
| |
| * What problems might arise?
| |
| * How can we solve the problems that arise?
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-04-30-infoleaks ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| | |
| * How can information be leaked?
| |
| * Why leak information?
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-05-14-rop ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| | |
| * What is the initial problem leading to us ropping?
| |
| * What is "rop"?
| |
| * Why "rop"?
| |
| * Recap: buffer-overflow
| |
| * Recap: infoleaks
| |
| * How can we leak foo using rop?
| |
| * How can we find more gadgets?
| |
| * How can we pop a shell?
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-05-28-mitigations ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| | |
| * Start at 0, what are the problems?
| |
| * What mitigations exist (on a high level)?
| |
| * For each problem, what mitigation solves the problem?
| |
| * How can we bypass the mitigations?
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-06-11-reversing ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| * bdgtwy
| |
| | |
| === topics ===
| |
| * What is reversing?
| |
| * How do we reverse?
| |
| * What tools to we use?
| |
| * What should be looked at in more detail?
| |
| * Qiling
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-06-25-heap-basics ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| * What primitives exist?
| |
| * How do they work?
| |
| * How to read the "docs" (aka. glibc code)
| |
| * How to inspect the heap
| |
| * Getting comfy with debugging hooks
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-07-09-heap-techniques ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| | |
| * What's broken?
| |
| * How do we identify broken stuff?
| |
| * How do we break it?
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-07-23-race-conditions ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| | |
| * What are race conditions?
| |
| * Where do they arise?
| |
| * How can we identify them?
| |
| * How con we exploit them?
| |
| * TOCTOU
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-08-06-fuzzing ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| * {{U|maride}}
| |
| | |
| === topics ===
| |
| | |
| * What is fuzzing?
| |
| * Why fuzz stuff
| |
| * How to fuzz stuff
| |
| * Concept (Mutation, Coverage, Snapshots, ...)
| |
| * Harnessing a target, what to look out for
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-08-20-kernel-security ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| | |
| === topics ===
| |
| | |
| * What is the kernel?
| |
| * How can we interact with it?
| |
| * What might break?
| |
| * How can we break it?
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-09-03-symbolic-execution ==
| |
| | |
| === Mentors ===
| |
| | |
| * {{U|hanemile}}
| |
| * {{U|barbieauglend}}
| |
| | |
| === topics ===
| |
| | |
| * What is symbolic execution?
| |
| * Into: z3
| |
| * Intro: angr
| |
| * Problems: Path explosion
| |
| * ... (add stuff here that might fit here)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
| | |
| == 2022-09-17-automated-program-analysis ==
| |
| | |
| === topics ===
| |
| * What can be automated?
| |
| * What can't be automated? (and why not?)
| |
| | |
| === participants ===
| |
| | |
| * YOUR NAME HERE
| |
.