Information Security Competitions in which players solve challenges in order to obtain a “flag” Demonstrates proficiency or excellence in an area • Binary exploitation, web exploitation, reverse engineering, forensics, cryptography, programming, etc. • Organizers choice which areas are stressed for a particular event
meant to be intimidating and there are some challenges that any attendee should be able to solve! Come and learn some new skills or freshen up on some of the basics, which are easily forgotten.
Amazon EKS • Network policies to restrict pod network access • kube2iam to provide restricted IAM roles to pods • Disabled ServiceAccount token mount inside pods • RBAC enabled
install gcc-multilib gcc-mipsel-linux-gnu gcc-arm-linux-gnueabi g++-multilib linux-libc-dev:i386 2. make 3. docker-compose build && docker-compose up -d 4. Containers are viewable at localhost:PORT (view with docker-compose ps) 5. docker-compose kill to stop the containers 6. make clean to clean the source folders
the intention is to hack your code! Write a challenge (boot2root, binary, web, more) you would want to solve and send it to friends, tweet it, etc See what other people write for challenges and get inspiration • CTF content creators should open source their work! Write-ups are aplenty, not a lot of challenge source! • Pwn 100 and Pwn 200 for the 2018 BSidesPDX CTF are spinoffs of other challenges ◦ As well as the initial concept for infra! Thanks BSidesSF!
move BSides and CTF forward Base reference implementation on building CTF and infra saves time • Shout out to BSidesSF! Get involved with an organizer of a CTF! • We open source ours!!! • Talk to me about being involved next year!
tophertimzen
sstephenson
chrislema
akosma
denniskardys
danielanewman
sferik
mongodb
lauravandoore
paigeccino
bcantrill
bkeepers
