CTF and their categories • Live demo (Hackiiiinnggg sesssssioooonnnnnnn) • Upcoming CTFs • Tips for your first CTF • Quizizz (there will be prizessssssssssss) • End / Q & A session
from digital attacks. • Key Focus: Prevent unauthorized access and data breaches. • Technical Aspects: • Network security. • Software vulnerabilities. • Data encryption. • Intrusion detection. • Requires: In-depth IT and computing knowledge. • Evolving Field: Constant updates needed to counter new cyber threats.
25,000 cybersecurity experts by 2025. • Current Shortfall: Malaysia has only 13,000 workers in cybersecurity currently. • There will be a lot of industry opportunities in the future. • Because it is fun. • Challenging, but very rewarding. Source : Kosmo
of tech jobs in the industry, is heavy on the technical side…. There’s plenty of ways to learn cybersecurity. But one of the best way is through playing Capture The Flag (CTF) challenges.
it's not what you think! In this case, the "flag" is a secret code hidden in a computer system. Players have to find the code by solving a series of puzzles and challenges. It's like a real-life treasure hunt, but with cybersecurity. CTFs are a fun way to learn about cybersecurity and gain new skills. Basically it’s a platform that allows you to hack in a controlled environment without being afraid of breaking the ethics.
Held in 1996 at DEFCON hacker conference and organized by a group of computer security experts. 2 CTF goes mainstream Starting in the mid-2000s, CTF becomes a popular cybersecurity training tool in academia and industry. 3 International CTF tournaments Today, CTF is a global phenomenon with international tournaments such as DEFCON CTF Qualifier and Trend Micro CTF.
vulnerabilities in web applications, such as SQL injection and XSS attacks and more. Reverse Engineering Challenges that require analyzing and understanding a compiled binary or assembly code to find a hidden flag. Pwn/Binary Exploitation Challenges that require exploiting vulnerabilities in binaries running on a remote server by overwriting a return address or hijacking a function call. Forensics Challenges that require analyzing digital artifacts, such as network packets and memory dumps, to find a hidden flag. E.g: Analyzing PCAP files, memory dump etc Cryptography Challenges that require deciphering encrypted messages or cracking codes to find a hidden flag. Includes classic ciphers, modern encryption algorithms, and steganography. Miscellaneous Challenges that don't fit into any specific category, such as trivia questions, puzzles, and scavenger hunts. Can require various skills, such as image analysis, audio decoding, and social engineering. OSINT Challenges that require gathering and analyzing information from publicly available sources, such as social media and government websites, to find a hidden flag.
challenges foster teamwork and creativity by promoting healthy competition and a sense of accomplishment. Real-World Relevance CTF challenges simulate real-world cyber threats and give participants hands-on experience with security tools and techniques. Learning by Doing CTF challenges provide immediate feedback and a constructive learning environment that encourages experimentation and exploration.
Well, in Malaysia, we are starting to have even more CTFs now and it is currently being recognized by gov and companies alike as a good platform to compete and learn about cybersecurity. Here are some of the notable ones so far. CYDES 2023 CTF Battle Of Hackers 2022 CTF I-Hack 2022 CTF
the same as Hackathon! We don’t do building stuff here, we break stuff. • You don’t need to know how to code to start getting into CTFs. • It’s normal to have zero to one flag solve for your first CTF. Even I had no solve on my first CTF. • Don’t give up and keep on playing! • Read writeups after the CTF has ended, try to recreate or solve the challenge again using the writeup. • Try to connect and make friends with other players as well if you are in a physical setting. • Don’t focus on winning, focus on the learning experience instead.
participating in CTF challenges and learning, there are many platforms you can try. Some popular options include: • TryHackMe (paid but very beginner friendly) - https://tryhackme.com/ • Hack the Box (for advanced players) - https://www.hackthebox.eu/ • CTFtime (where you could find CTF held globally and world team ranking) - https://ctftime.org/ • PicoCTF (free and beginner friendly) - https://picoctf.com/ Each platform has its own unique challenges and community. Try them out to see which one you like best! • Fareed Fauzi CTF Playbook (Notes and tools for solving challenges in CTFs) - https://fareedfauzi.gitbook.io/ctf-playbook/ • HackTricks (Notes and tools for solving challenges in CTFs) - https://book.hacktricks.xyz/ • John Hammond Katana (Notes n tools for solving CTF challenges) https://github.com/JohnHammond/ctf-katana
lemiorhan
destraynor
kevinliebholz
trallard
aarron
jrom
62gerente
yeseniaperezcruz
shlominoach
eileencodes
bluesmoon
csswizardry
