Hone your skills and see how an attacker would exploit configuration weaknesses. This Capture the Flag (CTF) scenario lets you see first-hand an attacker's strategies for compromising your systems. Can you gain total control over a target system solely via a web application?
Build on your skills from the first CTF scenario with a new web server setup—can you gain root access on this box?
Get experience conducting an internal investigation on a realistic corporate network.
You are a security officer for a shipping company whose trucks have repeatedly been hijacked by a criminal organization. The criminals appear to have advance information on the routes of the trucks, despite the company changing routes frequently. Company executives suspect someone within the company is leaking truck route information to the criminals. Students will have to determine who is leaking the information, how, and to whom.
Familiarity cyber-forensic techniques and with the Bash shell on Linux.
Students will use Wireshark® to analyze network packet traces containing normal network traffic and active attacks. Detailed information will be extracted from the traces by examining packets and by using Wireshark's built-in analysis and PCAP-manipulation tools.
- Familiarity with Wireshark and the Unix/Linux command line
- Detailed knowledge of networking protocols, including TCP/IP, DNS, and HTTP
The forthcoming CYRIN Protocol Analysis labs will help you meet these prerequisites.
Test your skills against others as either an attacker attempting to compromise a system or a defender trying to prevent the attackers from doing damage. This is a head-to-head exercise, best played with two or more participants from your organization. Participants choose their own teams.
- Knowledge of attack, pen-testing, and defensive techniques on Linux systems, including web application attacks, firewall configuration, etc.
- Familiarity with command-line tools on Linux systems (e.g., Metasploit).
- Be appropriately matched in skill with your opponent!
To get the most out of this exercise, you should complete the two Capture the Flag scenarios first.