Information Security Competitions in which players solve challenges in order to obtain a “flag” Demonstrates proficiency or excellence in an area • Binary exploitation, web exploitation, reverse engineering, forensics, cryptography, programming, etc. • Organizers choice which areas are stressed for a particular event
install gcc-multilib gcc-mipsel-linux-gnu gcc-arm-linux-gnueabi g++-multilib linux-libc-dev:i386 2. make 3. docker-compose build && docker-compose up -d 4. Containers are viewable at localhost:PORT (view with docker-compose ps) 5. docker-compose kill to stop the containers 6. make clean to clean the source folders
the intention is to hack your code! Write a challenge (boot2root, binary, web, more) you would want to solve and send it to friends, tweet it, etc See what other people write for challenges and get inspiration • CTF content creators should open source their work! Write-ups are aplenty, not a lot of challenge source! • Pwn 100 and Pwn 200 for the 2018 BSidesPDX CTF are spinoffs of other challenges ◦ As well as the initial concept for infra! Thanks BSidesSF!
move BSides and CTF forward Base reference implementation on building CTF and infra saves time • Shout out to BSidesSF! Get involved with an organizer of a CTF! • We open source ours!!! • Talk to me about being involved next year!