SlideShare uma empresa Scribd logo

It security cft

M
Mutten
TecnologiaDiversão e humor
1 de 11
Baixar para ler offline
Morten Juhl Jørgensen Mads Angelbo Pedersen 29/09/2011
 What is CFT  Game Style Overview  Info  Alternatives  Demo  Questions
Capture The Flag
 The task is to maintain a server running multiple services, while simultaneously trying to get access to the other team's servers. Each successful penetration gains points, as well as keeping services up and functional during the course of the game.
 The exercise consists of multiple teams, each hosting a server that has multiple services running,  The services contain typical security vulnerabilities that allow to compromise the server to a certain extend.  The goal is to maintain the services up, functional and uncompromised for the duration of the game.  Additional scores can be gained by patching the vulnerabilities of the services and exploiting the knowledge of the found weaknesses at the other team's servers.
 There are some alternatives to CFT like: ◦ WarGames : a Typical server program or VM the you can Download and attack without any Time pressure ◦ Crakme’s : Programs where you try to Reverse Engineer and make a Serial number generator ◦ Non safe Applikations : ” Damn vulnerable Linux” ” Web Goat ”
Will be non 
 http://www.the- playground.dk/index.php?page=wargames  http://sourceforge.net/projects/ctfd/  http://prosa-ctf.the-playground.dk/  http://www.cipher- ctf.org/CaptureTheFlag.php  http://mirrors.dotsrc.org/blivklogere/njlug/2 010-09-16_CTF/ctf.pdf  http://inctf.in/ctf/what/

Recomendados

Chrome os
Chrome osChrome os
Chrome osDevender Singh
 
As7 at jbug Milan
As7 at jbug MilanAs7 at jbug Milan
As7 at jbug Milanmaeste
 
padmahasa november 2016 resume.Doc
padmahasa november 2016 resume.Docpadmahasa november 2016 resume.Doc
padmahasa november 2016 resume.Docpadma hasa
 
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...CODE BLUE
 
From VB Script to PowerShell
From VB Script to PowerShellFrom VB Script to PowerShell
From VB Script to PowerShellConcentrated Technology
 
Server Core2
Server Core2Server Core2
Server Core2Concentrated Technology
 
Vps Hosting
Vps HostingVps Hosting
Vps HostingShahid Lashari
 
MongoDB and Windows Azure
MongoDB and Windows AzureMongoDB and Windows Azure
MongoDB and Windows AzureJim O'Neil
 

Recomendados

Chrome os
Chrome osChrome os
Chrome osDevender Singh
 
As7 at jbug Milan
As7 at jbug MilanAs7 at jbug Milan
As7 at jbug Milanmaeste
 
padmahasa november 2016 resume.Doc
padmahasa november 2016 resume.Docpadmahasa november 2016 resume.Doc
padmahasa november 2016 resume.Docpadma hasa
 
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...CODE BLUE
 
From VB Script to PowerShell
From VB Script to PowerShellFrom VB Script to PowerShell
From VB Script to PowerShellConcentrated Technology
 
Server Core2
Server Core2Server Core2
Server Core2Concentrated Technology
 
Vps Hosting
Vps HostingVps Hosting
Vps HostingShahid Lashari
 
MongoDB and Windows Azure
MongoDB and Windows AzureMongoDB and Windows Azure
MongoDB and Windows AzureJim O'Neil
 
Prl
PrlPrl
Prlasapriko
 
A CTF Hackers Toolbox
A CTF Hackers ToolboxA CTF Hackers Toolbox
A CTF Hackers ToolboxStefan
 
Capture The Flag - Azerbaijan
Capture The Flag - AzerbaijanCapture The Flag - Azerbaijan
Capture The Flag - AzerbaijanRashad Aliyev
 
It security
It securityIt security
It securityMutten
 
Humanismo Frances
Humanismo FrancesHumanismo Frances
Humanismo FrancesRoberth Miranda
 
El Humanismo Pedagogico En Francia Edad Moderna
El Humanismo Pedagogico En Francia Edad ModernaEl Humanismo Pedagogico En Francia Edad Moderna
El Humanismo Pedagogico En Francia Edad ModernaWilber Ramos
 
Npc14
Npc14Npc14
Npc14vamsitricks
 
Humanismo Frances
Humanismo FrancesHumanismo Frances
Humanismo FrancesC4MIL4
 
ITFT - IP adressing
ITFT - IP adressing ITFT - IP adressing
ITFT - IP adressingNavneet Kaur
 
Hacking the Creative Brain
Hacking the Creative BrainHacking the Creative Brain
Hacking the Creative BrainDenise Jacobs
 
Fuzzing_with_Xen.pdf
Fuzzing_with_Xen.pdfFuzzing_with_Xen.pdf
Fuzzing_with_Xen.pdfdistortdistort
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenTamas K Lengyel
 
Hacker bootcamp
Hacker bootcampHacker bootcamp
Hacker bootcampGregory Hanis
 
Project ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN
 
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...Codemotion
 
Application Of A Server Hardening Essay
Application Of A Server Hardening EssayApplication Of A Server Hardening Essay
Application Of A Server Hardening EssayWinstina Kennedy
 
Research Assignment For Active Directory
Research Assignment For Active DirectoryResearch Assignment For Active Directory
Research Assignment For Active DirectoryJessica Myers
 
rsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczrsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczPaula Januszkiewicz
 
Shytikov on NTLM Authentication
Shytikov on NTLM AuthenticationShytikov on NTLM Authentication
Shytikov on NTLM Authenticationshytikov
 
Web Apps Security
Web Apps SecurityWeb Apps Security
Web Apps SecurityVictor Bucutea
 
FreeBSD and Hardening Web Server
FreeBSD and Hardening Web ServerFreeBSD and Hardening Web Server
FreeBSD and Hardening Web ServerMuhammad Moinur Rahman
 
metaploit framework
metaploit frameworkmetaploit framework
metaploit frameworkLe Quyen
 

Mais conteúdo relacionado

Destaque

A CTF Hackers Toolbox
A CTF Hackers ToolboxA CTF Hackers Toolbox
A CTF Hackers ToolboxStefan
 
Capture The Flag - Azerbaijan
Capture The Flag - AzerbaijanCapture The Flag - Azerbaijan
Capture The Flag - AzerbaijanRashad Aliyev
 
It security
It securityIt security
It securityMutten
 
El Humanismo Pedagogico En Francia Edad Moderna
El Humanismo Pedagogico En Francia Edad ModernaEl Humanismo Pedagogico En Francia Edad Moderna
El Humanismo Pedagogico En Francia Edad ModernaWilber Ramos
 
Humanismo Frances
Humanismo FrancesHumanismo Frances
Humanismo FrancesC4MIL4
 
ITFT - IP adressing
ITFT - IP adressing ITFT - IP adressing
ITFT - IP adressingNavneet Kaur
 
Hacking the Creative Brain
Hacking the Creative BrainHacking the Creative Brain
Hacking the Creative BrainDenise Jacobs
 

Destaque (10)

Prl
PrlPrl
Prl
 
A CTF Hackers Toolbox
A CTF Hackers ToolboxA CTF Hackers Toolbox
A CTF Hackers Toolbox
 
Capture The Flag - Azerbaijan
Capture The Flag - AzerbaijanCapture The Flag - Azerbaijan
Capture The Flag - Azerbaijan
 
It security
It securityIt security
It security
 
Humanismo Frances
Humanismo FrancesHumanismo Frances
Humanismo Frances
 
El Humanismo Pedagogico En Francia Edad Moderna
El Humanismo Pedagogico En Francia Edad ModernaEl Humanismo Pedagogico En Francia Edad Moderna
El Humanismo Pedagogico En Francia Edad Moderna
 
Npc14
Npc14Npc14
Npc14
 
Humanismo Frances
Humanismo FrancesHumanismo Frances
Humanismo Frances
 
ITFT - IP adressing
ITFT - IP adressing ITFT - IP adressing
ITFT - IP adressing
 
Hacking the Creative Brain
Hacking the Creative BrainHacking the Creative Brain
Hacking the Creative Brain
 

Semelhante a It security cft

OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenTamas K Lengyel
 
Project ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN
 
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...Codemotion
 
Application Of A Server Hardening Essay
Application Of A Server Hardening EssayApplication Of A Server Hardening Essay
Application Of A Server Hardening EssayWinstina Kennedy
 
Research Assignment For Active Directory
Research Assignment For Active DirectoryResearch Assignment For Active Directory
Research Assignment For Active DirectoryJessica Myers
 
rsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczrsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczPaula Januszkiewicz
 
Shytikov on NTLM Authentication
Shytikov on NTLM AuthenticationShytikov on NTLM Authentication
Shytikov on NTLM Authenticationshytikov
 
metaploit framework
metaploit frameworkmetaploit framework
metaploit frameworkLe Quyen
 
Typhoon Managed Execution Toolkit
Typhoon Managed Execution ToolkitTyphoon Managed Execution Toolkit
Typhoon Managed Execution ToolkitDimitry Snezhkov
 
Chromium os architecture report
Chromium os architecture reportChromium os architecture report
Chromium os architecture reportAmr Abd El Latief
 
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingTop 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingPaula Januszkiewicz
 
ARMITAGE-THE CYBER ATTACK MANAGEMENT
ARMITAGE-THE CYBER ATTACK MANAGEMENTARMITAGE-THE CYBER ATTACK MANAGEMENT
ARMITAGE-THE CYBER ATTACK MANAGEMENTDevil's Cafe
 
Secure programming with php
Secure programming with phpSecure programming with php
Secure programming with phpMohmad Feroz
 
Optimizing windows 8 for virtual desktops - teched 2013 Jeff Stokes
Optimizing windows 8 for virtual desktops - teched 2013 Jeff StokesOptimizing windows 8 for virtual desktops - teched 2013 Jeff Stokes
Optimizing windows 8 for virtual desktops - teched 2013 Jeff StokesJeff Stokes
 
KCD Munich - Cloud Native Platform Dilemma - Turning it into an Opportunity
KCD Munich - Cloud Native Platform Dilemma - Turning it into an OpportunityKCD Munich - Cloud Native Platform Dilemma - Turning it into an Opportunity
KCD Munich - Cloud Native Platform Dilemma - Turning it into an OpportunityAndreas Grabner
 

Semelhante a It security cft (20)

Fuzzing_with_Xen.pdf
Fuzzing_with_Xen.pdfFuzzing_with_Xen.pdf
Fuzzing_with_Xen.pdf
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with Xen
 
Hacker bootcamp
Hacker bootcampHacker bootcamp
Hacker bootcamp
 
Project ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN CSE Virtualization
Project ACRN CSE Virtualization
 
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...
Democratizing Serverless: the New Open Source, Cloud Agnostic Functions Platf...
 
Application Of A Server Hardening Essay
Application Of A Server Hardening EssayApplication Of A Server Hardening Essay
Application Of A Server Hardening Essay
 
Research Assignment For Active Directory
Research Assignment For Active DirectoryResearch Assignment For Active Directory
Research Assignment For Active Directory
 
rsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczrsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewicz
 
Shytikov on NTLM Authentication
Shytikov on NTLM AuthenticationShytikov on NTLM Authentication
Shytikov on NTLM Authentication
 
Web Apps Security
Web Apps SecurityWeb Apps Security
Web Apps Security
 
FreeBSD and Hardening Web Server
FreeBSD and Hardening Web ServerFreeBSD and Hardening Web Server
FreeBSD and Hardening Web Server
 
metaploit framework
metaploit frameworkmetaploit framework
metaploit framework
 
Typhoon Managed Execution Toolkit
Typhoon Managed Execution ToolkitTyphoon Managed Execution Toolkit
Typhoon Managed Execution Toolkit
 
Chromium os architecture report
Chromium os architecture reportChromium os architecture report
Chromium os architecture report
 
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingTop 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
 
It gilde 20150209
It gilde 20150209It gilde 20150209
It gilde 20150209
 
ARMITAGE-THE CYBER ATTACK MANAGEMENT
ARMITAGE-THE CYBER ATTACK MANAGEMENTARMITAGE-THE CYBER ATTACK MANAGEMENT
ARMITAGE-THE CYBER ATTACK MANAGEMENT
 
Secure programming with php
Secure programming with phpSecure programming with php
Secure programming with php
 
Optimizing windows 8 for virtual desktops - teched 2013 Jeff Stokes
Optimizing windows 8 for virtual desktops - teched 2013 Jeff StokesOptimizing windows 8 for virtual desktops - teched 2013 Jeff Stokes
Optimizing windows 8 for virtual desktops - teched 2013 Jeff Stokes
 
KCD Munich - Cloud Native Platform Dilemma - Turning it into an Opportunity
KCD Munich - Cloud Native Platform Dilemma - Turning it into an OpportunityKCD Munich - Cloud Native Platform Dilemma - Turning it into an Opportunity
KCD Munich - Cloud Native Platform Dilemma - Turning it into an Opportunity
 

Último

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 

Último (20)

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

It security cft

  • 1. Morten Juhl Jørgensen Mads Angelbo Pedersen 29/09/2011
  • 2. What is CFT  Game Style Overview  Info  Alternatives  Demo  Questions
  • 4. The task is to maintain a server running multiple services, while simultaneously trying to get access to the other team's servers. Each successful penetration gains points, as well as keeping services up and functional during the course of the game.
  • 5.
  • 6. The exercise consists of multiple teams, each hosting a server that has multiple services running,  The services contain typical security vulnerabilities that allow to compromise the server to a certain extend.  The goal is to maintain the services up, functional and uncompromised for the duration of the game.  Additional scores can be gained by patching the vulnerabilities of the services and exploiting the knowledge of the found weaknesses at the other team's servers.
  • 7.
  • 8. There are some alternatives to CFT like: ◦ WarGames : a Typical server program or VM the you can Download and attack without any Time pressure ◦ Crakme’s : Programs where you try to Reverse Engineer and make a Serial number generator ◦ Non safe Applikations : ” Damn vulnerable Linux” ” Web Goat ”
  • 10.
  • 11. http://www.the- playground.dk/index.php?page=wargames  http://sourceforge.net/projects/ctfd/  http://prosa-ctf.the-playground.dk/  http://www.cipher- ctf.org/CaptureTheFlag.php  http://mirrors.dotsrc.org/blivklogere/njlug/2 010-09-16_CTF/ctf.pdf  http://inctf.in/ctf/what/