Play CTF! A Great Way to Learn Hacking - Fsec 2017
Abstract:
For many of us hacking means creativity - if you have ever witnessed a complex heap memory corruption exploit, you realise how close this is to art. But when we look at how IT security is taught, we often see uncreative memorisation of dangerous functions or generally a checklist approach. Nobody can understand or know everything in IT Security and isolation of topics only leads to interesting attack ideas being lost at the topic boundaries. Like in math we rather like to develop an intuition and understanding of underlying concepts that help us to adapt to any system we want to hack. Especially because the IT world is changing extremely fast and staying up-to-date is necessary.
I believe, for anybody who is interested in IT security, as well as developers who should write secure code, it’s important to train hacking creatively.
CTF (Capture The Flag) challenges are kind of like math puzzles for hackers - sometimes they are about exploiting basic issues and sometimes they are very esoteric. But they always require creative thinking. Security trainings, academic education and books will get you far enough to deliver good work, but I believe playing CTFs can make the difference between good or excellent work.
With this talk I want to motivate you to play CTFs and showcase various example challenge solutions, to show you stuff you hopefully haven't seen before and get you inspired to find more interesting vulnerabilities.
Fsec Conference: https://fsec.foi.hr
Recording and Editing by: https://twitter.com/Ministraitor
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://amzn.to/2LW6ldx
→ Graphics tablet:* https://amzn.to/2C8djYj
→ Camera#1 for streaming:* https://amzn.to/2SJ66VM
→ Lens for streaming:* https://amzn.to/2CdG31I
→ Connect Camera#1 to PC:* https://amzn.to/2VDRhWj
→ Camera#2 for electronics:* https://amzn.to/2LWxehv
→ Lens for macro shots:* https://amzn.to/2C5tXrw
→ Keyboard:* https://amzn.to/2LZgCFD
→ Headphones:* https://amzn.to/2M2KhxW
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF
Видео Play CTF! A Great Way to Learn Hacking - Fsec 2017 канала LiveOverflow
For many of us hacking means creativity - if you have ever witnessed a complex heap memory corruption exploit, you realise how close this is to art. But when we look at how IT security is taught, we often see uncreative memorisation of dangerous functions or generally a checklist approach. Nobody can understand or know everything in IT Security and isolation of topics only leads to interesting attack ideas being lost at the topic boundaries. Like in math we rather like to develop an intuition and understanding of underlying concepts that help us to adapt to any system we want to hack. Especially because the IT world is changing extremely fast and staying up-to-date is necessary.
I believe, for anybody who is interested in IT security, as well as developers who should write secure code, it’s important to train hacking creatively.
CTF (Capture The Flag) challenges are kind of like math puzzles for hackers - sometimes they are about exploiting basic issues and sometimes they are very esoteric. But they always require creative thinking. Security trainings, academic education and books will get you far enough to deliver good work, but I believe playing CTFs can make the difference between good or excellent work.
With this talk I want to motivate you to play CTFs and showcase various example challenge solutions, to show you stuff you hopefully haven't seen before and get you inspired to find more interesting vulnerabilities.
Fsec Conference: https://fsec.foi.hr
Recording and Editing by: https://twitter.com/Ministraitor
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://amzn.to/2LW6ldx
→ Graphics tablet:* https://amzn.to/2C8djYj
→ Camera#1 for streaming:* https://amzn.to/2SJ66VM
→ Lens for streaming:* https://amzn.to/2CdG31I
→ Connect Camera#1 to PC:* https://amzn.to/2VDRhWj
→ Camera#2 for electronics:* https://amzn.to/2LWxehv
→ Lens for macro shots:* https://amzn.to/2C5tXrw
→ Keyboard:* https://amzn.to/2LZgCFD
→ Headphones:* https://amzn.to/2M2KhxW
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF
Видео Play CTF! A Great Way to Learn Hacking - Fsec 2017 канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Hacking Competition in Zhengzhou China - Real World CTF Finals 2018
Solving a JavaScript crackme: JS SAFE 2.0 (web) - Google CTF 2018
Hacking My Instagram Account
What do Nintendo Switch and iOS 9.3 have in common? CVE-2016-4657 walk-through
Hacking language learning: Benny Lewis at TEDxWarsaw
DEF CON 25 - Mark Williams, Rob Stanley - If You Give a Mouse a Microchip
Bash injection without letters or numbers - 33c3ctf hohoho (misc 350)
Student Finds Hidden Devices in the College Library - Are they nefarious?
We Hacked a Scammers Webcam - Tech Support Scam
Exploiting an Integer Overflow (Fire and Ice) - Pwn Adventure 3
Injection Vulnerabilities - or: How I got a free Burger
This Is How Easy It Is To Get Hacked | VICE on HBO
HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128
Hacker Breaks Down 26 Hacking Scenes From Movies & TV | WIRED
DEF CON CTF 2018 Finals
Top hacker shows us how it's done | Pablos Holman | TEDxMidwest
Using z3 to find a password and reverse obfuscated JavaScript - Fsec2017 CTF
What is CTF? An introduction to security Capture The Flag competitions
HOW TO GET STARTED IN BUG BOUNTY (9x PRO TIPS)
Let’s play a game: what is the deadly bug here?