Rename for github

This commit is contained in:
Neale Pickett 2016-01-31 20:46:27 -07:00
parent acac43a3fd
commit b1b039a5f2
4 changed files with 0 additions and 110 deletions

View File

@ -1,34 +0,0 @@
Ideas for puzzles
=================
* Bootable image with FreeDOS, Linux, Inferno? HURD?
* Bury puzzles in various weird locations within each OS
* Maybe put some in the boot loader, too
* Perhaps have some sort of network puzzle as well
* Network treasure hunt
* DHCP option
* Single TCP RST with token in payload
* Multiple TCP RST with different payloads
* http://10.0.0.2/token
* PXE boot some sort of points-gathering client
* Init asks for a team hash, and starts awarding points
* Broken startup scripts, when fixed award more points
* Lots of remote exploits
* "qemu -net socket" vpn thingy and then...
* sfxrar packed with upx. Change an instruction so it won't actually
execute.
* pwnables: have scp log passwords somewhere
Capture the Packet
------------------
* Jim Meilander could teach a class about Bro
* Use qemu -net socket,connect=10.0.0.2:5399 for capture the packet
From Jed Crandell
-----------------
* Have password easily read, must determine username with stack
examination (like in printf category)
* Use %600000u%n to write an arbitrary value to a location in
stack, then jump to that location somehow.

View File

@ -1,76 +0,0 @@
LANL Capture The Flag
=====================
The LANL CTF training and exercise is designed to train novice to expert
analysts in new techniques and tools. Course material is in a tutorial
format, which is bundled into the exercise.
The class portion proceeds as a lecture style, although participants are
encouraged to work at their own pace, soliciting assistance from
instructors during the lab sections of the lecture. A Capture-The-Flag
style exercise follows the training as a mechanism to reinforce concepts
the participants have just learned, as well as introduce new concepts,
and to help participants learn how to deal with an actual security
incident. In the exercise portion, participants form into teams which
compete against each other to gain points in a broad spectrum of
categories.
Event categories and training topics are easily customized to better
meet each site's requirements for training.
Key Features
------------
Portable: Hardware for up to 80 participants fits into a single
suitcase, and the exercise portion can be conducted by a single
organizer for up to 100 participants.
Flexible: Exercise or Training can be run standalone, and can last
anywhere from 2 hours to 5 days.
Lasting: Exercise portion reinforces concepts learned during training.
Modular: Categories can be cherry-picked from an ever-growing list,
creating a custom-tailored training and exercise.
Extensible: New modules can be added quickly.
Categories currently available: (September 2010)
------------------------------------------------
* Base arithmetic
* Introductory computer programming / logical thinking
* Host forensics
* Malware reverse-engineering
* Network reverse-engineering
* Packet capture and analysis tools
* Reconstruction of session data
* Protocol reverse-engineering
* Custom tool development skills
* Linux systems programming
* Using strace, ltrace, gdb
* Understanding race conditions
* Programming securely
* Web application development
* Cross-site scripting attacks
* Input validation
* SQL Injection
* Security vs. obscurity
* Cryptography and codebreaking
* Steganography detection and extraction
* Social engineering
* Binary file formats
* General puzzle-solving skills
Categories in development
-------------------------
* Securing SCADA devices
* Network traffic monitoring
* Log file analysis
* HTML / Javascript reverse-engineering
* Your request goes here!