Point3 ESCALATE CTF - Room #323 We often “learn” cyber security by cramming too much information into expensive one-week boot camps, which leave learners with a false sense of accomplishment and inability to apply their knowledge to problems outside the artificial boot camp environment. Or we languish in fancy cyber rages that offer no mentorship. To most effectively transfer advanced skills to a large population in minimal time, master craftsmen built an immersive challenge-based ecosystem that combines self-directed learning paths with mentorship from professionals seasoned in cyber operations and development. Areas include malware reverse engineering, network security monitoring, disk and memory forensics, vulnerability research, offensive and defensive operations, and operational software development. The BSidesCharm Wireless Capture the Flag (WCTF) is a trip through the useable RF spectrum. Challenges will involve all of the physics and RF theory that we have all come to love so much. You will be using tools like the RTL-SDR, HackRF, BladeRF, your cell phone, and various 802.11 radios. Although not all are necessary to compete, they will help. The WCTF can be completed with experience ranging from a little knowledge to a pen-tester’s capability, and $40 to $4000 worth of equipment. Regardless of what you bring, the key is to read the clues and determine the goal of each step. We teach along the way, so if you are a N00b, we will help you learn strategies to get you to competition level. This year we maintain certain aspects of past WCTFs but are also introducing new challenges. For example, as in past WCTFs, you will need to sit for a while and hack at crypto and break into networks. But, unlike past WCTFs, you need to break out your war-walking shoes because you will be tracking and finding hidden nodes and possibly even remote sites -- and not all of them will be WiFi. We will also be holding the very popular, RF Signal Drinking Game. There will be clues everywhere, and we will provide periodic updates so make sure you pay attention to what’s happening at the WCTF Control Center, on Twitter, the interwebz, etc. Flags: Flags will range from transmissions in the spectrum to pass-phrases used to gain access to wireless access points. Once you capture the flag, submit it right away because some flags are worth more points the sooner they are submitted (e.g., timed challenges) and others will be awarded negative points (e.g., false flags). Offense and defense are fully in play by the participants, the WCTF organizers, and the Con itself. Links: Check out our websites for tools, what you need, and what to do. Enjoy your journey.
Lockpick Village - Room #320 The mission of The Open Organisation of Lockpickers (TOOOL) is to advance the general public knowledge about locks and lockpicking. By examining locks, safes and other such hardware and by publicly discussing our findings, we hope to strip away the mystery with which so many of these products are imbued. The more that people know about lock technology, the better they are capable of understanding how and where certain weaknesses are present. This makes them well-equipped to participate in sportpicking endeavors and also helps them simply be better consumers in the marketplace, making decisions based upon sound fact and research. Visit TOOOL and learn how to pick a lock or work on refining your current skills! |