Introduction to InfoSec
CTF WTF?
Categories
Crypto
- Ancient Crypto: ROT13, Cesar Cipher, Vignere Cipher etc.
- Modern Crypto: AES, DES, RSA etc.
Reverse Engineering
Web
- XSS
- SQLi
- Directory Traversal
- File include
- Code Injection
- ...
Forensics
- Analyzing Network Captures(Wireshark etc.)
- Steganography: concealing a file, message, image, or video within another file, message, image, or video.
Binary Exploitation
Text
- Buffer overflows
- Return-oriented programming
- Format String vulnerability
- ...
Types
Jeopardy
Attack-Defence
Jeopardy
Jeopardy
Attack Defence
Wargames
(Always online CTFs)
- backdoor.sdslabs.co
- picoctf.com
- pwnable.kr
- overthewire.org/wargames/
- io.netgarage
- gracker.org
- ...many more
Important links
- ctftime.org
- github.com/apsdehal/awesome-ctf
- reddit.com/r/securityctf
- github.com/InfoSecIITR/
- github.com/zardus/ctf-tools
Bug Bounties
(Report bugs and get paid)
- hackerone.com
- bugcrowd.com
InfoSecIITR
What do we even do?
Organizing CTFs on Backdoor (backdoor.sdslabs.co) along with SDSLabs
Meetup every week to solve challenges together, and have discussions on anything related to security.
We use Slack as the platform for our online discussions.
Regularly participate in CTFs and win too :p
Deloitte CCTC
(Consecutive winners for 3 years in a row)
Microsoft BTS Quals
Rank 1, 5, 8 in India
Microsoft BTS
(on-site)
Winners and Runners up
CSAW CTF 2016 Quals.
2nd, 13th, 14th rank in India (qualified for the finals to be held in November)
InfoSec Intro talk
By Paras Chetal
