Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hacking is not Black & White

Kumar Ashwin
September 07, 2021
Education
0
16

Hacking is not Black & White

The talk was about the basic introduction about the CTFs and how they can be great to learn about cyber security. I designed a CTF challenge around steganography, as a pre-session challenge, to find the details about the speaker. Followed by the session and few in-session activities, and concluded with a post-session CTF challenge and QnA with the attendees.

For more - Read Here!

Kumar Ashwin

September 07, 2021
Tweet

More Decks by Kumar Ashwin

See All by Kumar Ashwin
Securing Containers From Day One | null Ahmedabad Meetup
0xcardinal
0
410
Getting Started with DFIR | Payatu Webinar
0xcardinal
0
160
Honey Dripping From The Cloud | BSides BHAM
0xcardinal
0
180
Dive In With Git
0xcardinal
0
23

Other Decks in Education

See All in Education
Earthquake and Disaster Prevention Information for UTokyo International Students
utokyoissr2360
0
180
20230420_イノベ枠受講生アンケート結果
residentniigata
0
350
Sähköiset kyselyt, kokeet ja arviointi
matleenalaakso
1
15k
||とorの違いは登壇して解決した
sapi_kawahara
0
230
生成AI時代における大学の現在地を探る
gmoriki
2
770
Animaatiot opetuksessa
matleenalaakso
0
2.7k
Intro-1: Welcome to Daily Planning: How to Use a Planner for ADHD Moms
motherhoodinadhd
PRO
0
150
学校図書館の活用を推進するための学校図書館担当教諭の役割について
librarius
0
200
コミュニケーションについて
miholovesq
1
110
生成AIの現在地:大学運営における現状認識から活用まで
gmoriki
0
550
Education_for_a_Sustainable_Energy_Future.pdf
learnenergy2
0
110
教育研究における研究倫理問題の論点整理
arumakan
0
380

Featured

See All Featured
Gamification - CAS2011
davidbonilla
75
4.3k
A Tale of Four Properties
chriscoyier
150
21k
Building Better People: How to give real-time feedback that sticks.
wjessup
349
18k
GraphQLとの向き合い方2022年版
quramy
25
11k
Designing Experiences People Love
moore
133
22k
No one is an island. Learnings from fostering a developers community.
thoeni
14
1.8k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
101
6.4k
It's Worth the Effort
3n
179
27k
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
130
9k
Docker and Python
trallard
31
2.3k
Writing Fast Ruby
sferik
615
59k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
17
1.3k

Transcript

  1. Hey.
    1

    View Slide

  2. 2
    Hacking is not black and white
    by Kumar Ashwin

    View Slide

  3. Look out for something
    interesting.
    3

    View Slide

  4. Why are we here?
    4

    View Slide

  5. 5

    View Slide

  6. C A
    I
    Confidentiality Integrity Availability
    6

    View Slide

  7. hacking
    the gaining of unauthorized access to data in a system or computer.
    /ˈhakɪŋ/
    7

    View Slide

  8. Web Security
    Mobile Security
    Cloud Security
    IoT Security
    Network Security
    Social Engineering
    Reverse Engineering
    Malware Analysis
    Cryptography
    Etc.
    8

    View Slide

  9. Good engineering involves thinking about how
    things can be made to work; the security
    mindset involves thinking about how things
    can be made to fail. It involves thinking like an
    attacker, an adversary or a criminal.
    https://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html
    9

    View Slide

  10. Reconnaissance (OSINT)
    Scanning or Enumeration
    Exploration
    Maintaining Access
    Clearing Access
    Post Exploitation
    Reporting
    10

    View Slide

  11. 11
    Red Team Blue Team
    Detect and prevent
    security controls
    Exploit, compromise, and
    circumvent
    https://blog.eccouncil.org/red-team-vs-blue-team/

    View Slide

  12. Learn the CTF? way
    12

    View Slide

  13. 13
    Jeopardy
    Attack & Defence Linear
    King of the Hill
    Life
    100
    Decimal
    200
    EasyOne
    300
    BINARY SCRIPTING
    WEB
    Joe’s
    100
    Love
    200
    Round
    300
    Code
    100
    Cash
    200
    Again
    300

    View Slide

  14. 14
    Jeopardy
    Attack & Defence
    Linear
    King of the Hill
    Team 1 Team 2 Team 3 Team 4
    Team 1’s
    Server
    Team 2’s
    Server
    Team 3’s
    Server
    Team 4’s
    Server
    Defend Attack

    View Slide

  15. 15
    Jeopardy Attack & Defence Linear
    King of the Hill
    Team 1 Team 2 Team 3 Team 4
    Central Server

    View Slide

  16. 16
    Jeopardy Attack & Defence
    Linear
    King of the Hill
    Lvl 1 Lvl 2 Lvl 3 Lvl 4

    View Slide

  17. CTFs are awesome
    17
    ZGV2Y3t5b3VfYXJlX2F3ZXNvbWV9

    View Slide

  18. CTFs are a great way to
    learn. Not necessarily the
    only way.
    18

    View Slide

  19. horrible passwords
    19

    View Slide

  20. Resources
    20

    View Slide

  21. 21
    ___ / /\
    /__/\ / /::\
    \__\:\ / /:/\:\
    / /::\ / /:/ \:\
    __/ /:/\/ /__/:/ \__\:\
    /__/\/:/~~ \ \:\ / /:/
    \ \::/ \ \:\ /:/
    \ \:\ \ \:\/:/
    \__\/ \ \::/
    \__\/
    Hacker101
    www.hackingarticles.in InfoSec WriteUps POCs
    B
    O
    O
    K
    S
    Web Application
    Hackers
    Handbook
    Red Team Field
    Manual
    The Hacker’s
    Playbook

    View Slide

  22. 22

    View Slide

  23. Did you find something interesting in the slide deck?

    View Slide

  24. ZGV2Y3t5b3VfYXJlX2F3ZXNvbWV9

    View Slide

  25. 25
    $ whoami

    View Slide

  26. 26
    Hack for good!
    0xCardinal

    View Slide