Introduction to InfoSec

CTF WTF?

Categories

Crypto

  • Ancient Crypto: ROT13, Cesar Cipher, Vignere Cipher etc.

 

 

  • Modern Crypto: AES, DES, RSA etc.

Reverse Engineering

Web

  • XSS
  • SQLi
  • Directory Traversal
  • File include
  • Code Injection
  • ...

Forensics

  • Analyzing Network Captures(Wireshark etc.)
  • Steganography: concealing a file, message, image, or video within another file, message, image, or video.

Binary Exploitation

Text

  • Buffer overflows
  • Return-oriented programming
  • Format String vulnerability
  • ...

Types

Jeopardy

Attack-Defence

Jeopardy

Jeopardy

Attack Defence

Wargames

(Always online CTFs)

  • backdoor.sdslabs.co
  • picoctf.com
  • pwnable.kr
  • overthewire.org/wargames/
  • io.netgarage
  • gracker.org
  • ...many more

Important links

  • ctftime.org
  • github.com/apsdehal/awesome-ctf
  • reddit.com/r/securityctf
  • github.com/InfoSecIITR/
  • github.com/zardus/ctf-tools

Bug Bounties
(Report bugs and get paid)

  • hackerone.com
  • bugcrowd.com

InfoSecIITR

What do we even do?

Organizing CTFs on Backdoor (backdoor.sdslabs.co) along with SDSLabs

Meetup every week to solve challenges together, and have discussions on anything related to security.

We use Slack as the platform for our online discussions.

Regularly participate in CTFs and win too :p

Deloitte CCTC

(Consecutive winners for 3 years in a row)

Microsoft BTS Quals

Rank 1, 5, 8 in India

Microsoft BTS

(on-site)

Winners and Runners up

CSAW CTF 2016 Quals.

2nd, 13th, 14th rank in India (qualified for the finals to be held in November)

Made with Slides.com