Fantastic turn-out for the Capture the Flag demonstration held jointly with the Roanoke Linux User’s group. Thanks to everyone who participated! We had a great turnout – almost 50 participants.
Note: This cooperative event will start at 6:30pm!
Capture the Flag challenges offer the opportunity to improve your InfoSec skills whether you are a seasoned penetration tester or just starting your journey. An InfoSec novice may not sweep the competition but they will certainly improve their knowledge. Trying new things can be hard especially in a profession that contains talent that, at times, seems untouchable. Let’s calm those fears with a CtF demonstration and review.
The SANS Holiday Hack Challenge is going to be released on Dec 9th, we’re going to party on Dec 15th:
If you’re not familiar with the challenge it is an annual event put on by Ed Skoudis and his team. It is essentially a game that involves a series of cyber security challenges designed to get you to learn a wide variety of skills. The team does a phenomenal job. It has elements for all skill levels and hints as you go along the way. Last year’s challenge was EPIC and I think my wife was ready to kill me if I didn’t stop playing. I’ll warn you, it can get addictive.
The challenges are kept online each year so you can continue to play, even if you didn’t complete it by the deadline. Here is last year’s challenge if you want take a look: https://holidayhackchallenge.com/ This link will likely update to the 2016 challenge on 12/9. If so, here is a list of past challenges: https://pen-testing.sans.org/holiday-challenge/
I can honestly say, after playing last year, I have looked forward to this year’s challenge all year long. My wife, maybe not so much, since I had my head buried in my laptop for 2 weeks last time 🙂 Here are just a few of the things I either learned about, or added skills to while playing last years challenge: sed, awk, scapy, python, JSON, SQL injection techniques, numerous web application pentesting techniques, Burp Suite, mondoDB, firmware extraction, DNS CnC and data exfil. And when I wasn’t pulling out my hair, I had an absolute blast doing it!
Join us on 12/15 to work on the Holiday Hack Challenge. It is for all skill levels and you will be surprised how much you will learn. We will have wifi access available so everyone can work on the challenge. If you are a student and want to participate but don’t have a laptop, let us know and I will make arrangements so you will have somethig to work on.
To make the best use of the time at the party, go ahead and sign up for an account once the challenge is posted on 12/9. You can start playing anytime after you get an account. I also recommend having some sort of virtualization software on your laptop such as VirtualBox or VMWare Player, both are free. And having a VM running Kali set up. Or if Kali is your main OS you may want to have a Windows VM setup. All of that will aid you in the challenge.
As usual we’ll have beer/soda and snacks. Just bring your brains because you’re going to need them.
The meeting will be at 5:30pm on 12/15 at R&K Solutions, 2797 Frontage Rd NW, STE 1000, Roanoke, VA 24017. Google Maps.