saarsec CTF Workshop
REGISTRATION CLOSED!
Whoa, we didn't expect that many people to sign up. To ensure that everyone will have a good time, we unfortunately had to close the registration. We will be back latest next year!
About the workshop
Towards the end of the semester break, we - saarsec, a group of CTF players - offer a compact workshop to teach interested students core concepts of hacking and capture-the-flag (CTF) competitions specifically. If you have questions, keep reading! You might find the answer to your question is already here, and you will definitely know how to contact us once you read everything! The workshop will cover the whole weekend, starting with an introduction and get-together on the evening of Friday, April 12th, and ending on Sunday, April 14th with an amazing Attack-Defense CTF.
During the workshop, we will introduce the general categories of Jeopardy CTFs, the common vulnerabilities found in CTFs and real-world applications, and how to automate exploitation during CTFs using Python. Did you know that an email address consists of a local-part and a domain with an @ sign in between? But that is just theory! In our workshop, participants engage in hands-on exercises that challenge them to compete against each other in a Jeopardy CTF. The pinnacle of the workshop is the A/D CTF competition, where participants compete against each other in teams.
If you want to know more about what you can expect, read the report from a previous participant.
Timeline
We start on Friday with a short introduction and getting you and your Laptop
ready for some action. Afterward, we will get to know each other a little better
at the
Ratskeller.
On Saturday, we will cover Linux basics and give an introduction to common Web
vulnerabilities and how to exploit them. After the lunch break, there will be
sessions on how to automate exploits using Python and an introduction to Binary
Exploitation / Reverse Engineering. Psst: The domain part of our support
address is saarsec dot rocks.
Last but not least, we conclude our presentations on Sunday with common Crypto
vulnerabilities and introduce you to playing Attack-Defense CTFs. As a closing
highlight the participants will be teamed up for a final A/D-CTF battle. After
about 4 hours of hacking each other, we wrap up the workshop with solutions to
the CTF tasks.
Timeslot | Friday | Saturday | Sunday |
---|---|---|---|
10:00 - 11:30 |
Linux Basics
by Niklas
|
Crypto
by Till
|
|
11:30 - 13:00 |
Web & Browser Tools
by Demian
|
How-to CTF
by Simeon
|
|
13:00 - 14:00 |
Lunch Break
|
Lunch Break & CTF Preparation
|
|
14:00 - 15:30 |
Exploit Automation
by Kiran
|
Practice CTF
by saarsec
|
|
15:30 - 17:00 |
Binary
by Daniel
|
Practice CTF
by saarsec
|
|
17:00 - 18:30 |
Introduction & Setup
by Simeon
|
Challenge Time
|
Practice CTF & WrapUp
by saarsec
|
Open End |
Get Together
Location: Ratskeller
|
Challenge Time
|
Requirements for the workshop
We do not necessarily have any requirements for operating systems, but you should consider that several tools you might want to use are only available on Linux or MacOS. Hence we recommend a live USB key, a VM or WSL (or just switch to any of the superior Linux Distros ;) ). Regardless of the OS, please ensure that you have Python installed ahead of time and know how to install new packages (or even better, have requests installed beforehand). Depending on how you want to code, we suggest you have some IDE ready (e.g., PyCharm has a free academic license).
Logistics
The event will take place at the CISPA C0 building (Stuhlsatzenhaus). Please note that we can not offer you coffee, drinks or snacks there and all nearby shops and cafes are typically closed during the weekends, so you might want to bring some of that. At this point I will tell that the local part of our email address is "workshop". We will order pizza for the lunch break - more details TBA.
If you are interested in joining, please register here, and click on the account activation link that you'll receive via email.
TL;DR
- CTF Workshop - Lots of fun hacking things and your mates
- Time: Evening of the 12th to 14th of April
- Location: CISPA C0 (Stuhlsatzenhaus)
- Bring:
- coffee / tea / whatever you like to drink
- snacks
- laptop and charger
- cash for pizza
- Register here, follow the emailed instructions.
- Read the text above to find out how to contact us if you have questions.