Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hacking is not Black & White

Kumar Ashwin
September 07, 2021

Hacking is not Black & White

The talk was about the basic introduction about the CTFs and how they can be great to learn about cyber security. I designed a CTF challenge around steganography, as a pre-session challenge, to find the details about the speaker. Followed by the session and few in-session activities, and concluded with a post-session CTF challenge and QnA with the attendees.

For more - Read Here!

Kumar Ashwin

September 07, 2021
Tweet

More Decks by Kumar Ashwin

Other Decks in Education

Transcript

  1. Hey.
    1

    View Slide

  2. 2
    Hacking is not black and white
    by Kumar Ashwin

    View Slide

  3. Look out for something
    interesting.
    3

    View Slide

  4. Why are we here?
    4

    View Slide

  5. 5

    View Slide

  6. C A
    I
    Confidentiality Integrity Availability
    6

    View Slide

  7. hacking
    the gaining of unauthorized access to data in a system or computer.
    /ˈhakɪŋ/
    7

    View Slide

  8. Web Security
    Mobile Security
    Cloud Security
    IoT Security
    Network Security
    Social Engineering
    Reverse Engineering
    Malware Analysis
    Cryptography
    Etc.
    8

    View Slide

  9. Good engineering involves thinking about how
    things can be made to work; the security
    mindset involves thinking about how things
    can be made to fail. It involves thinking like an
    attacker, an adversary or a criminal.
    https://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html
    9

    View Slide

  10. Reconnaissance (OSINT)
    Scanning or Enumeration
    Exploration
    Maintaining Access
    Clearing Access
    Post Exploitation
    Reporting
    10

    View Slide

  11. 11
    Red Team Blue Team
    Detect and prevent
    security controls
    Exploit, compromise, and
    circumvent
    https://blog.eccouncil.org/red-team-vs-blue-team/

    View Slide

  12. Learn the CTF? way
    12

    View Slide

  13. 13
    Jeopardy
    Attack & Defence Linear
    King of the Hill
    Life
    100
    Decimal
    200
    EasyOne
    300
    BINARY SCRIPTING
    WEB
    Joe’s
    100
    Love
    200
    Round
    300
    Code
    100
    Cash
    200
    Again
    300

    View Slide

  14. 14
    Jeopardy
    Attack & Defence
    Linear
    King of the Hill
    Team 1 Team 2 Team 3 Team 4
    Team 1’s
    Server
    Team 2’s
    Server
    Team 3’s
    Server
    Team 4’s
    Server
    Defend Attack

    View Slide

  15. 15
    Jeopardy Attack & Defence Linear
    King of the Hill
    Team 1 Team 2 Team 3 Team 4
    Central Server

    View Slide

  16. 16
    Jeopardy Attack & Defence
    Linear
    King of the Hill
    Lvl 1 Lvl 2 Lvl 3 Lvl 4

    View Slide

  17. CTFs are awesome
    17
    ZGV2Y3t5b3VfYXJlX2F3ZXNvbWV9

    View Slide

  18. CTFs are a great way to
    learn. Not necessarily the
    only way.
    18

    View Slide

  19. horrible passwords
    19

    View Slide

  20. Resources
    20

    View Slide

  21. 21
    ___ / /\
    /__/\ / /::\
    \__\:\ / /:/\:\
    / /::\ / /:/ \:\
    __/ /:/\/ /__/:/ \__\:\
    /__/\/:/~~ \ \:\ / /:/
    \ \::/ \ \:\ /:/
    \ \:\ \ \:\/:/
    \__\/ \ \::/
    \__\/
    Hacker101
    www.hackingarticles.in InfoSec WriteUps POCs
    B
    O
    O
    K
    S
    Web Application
    Hackers
    Handbook
    Red Team Field
    Manual
    The Hacker’s
    Playbook

    View Slide

  22. 22

    View Slide

  23. Did you find something interesting in the slide deck?

    View Slide

  24. ZGV2Y3t5b3VfYXJlX2F3ZXNvbWV9

    View Slide

  25. 25
    $ whoami

    View Slide

  26. 26
    Hack for good!
    0xCardinal

    View Slide