Play CTF! A Great Way to Learn Hacking - Fsec 2017
Abstract:
For many of us hacking means creativity - if you have ever witnessed a complex heap memory corruption exploit, you realise how close this is to art. But when we look at how IT security is taught, we often see uncreative memorisation of dangerous functions or generally a checklist approach. Nobody can understand or know everything in IT Security and isolation of topics only leads to interesting attack ideas being lost at the topic boundaries. Like in math we rather like to develop an intuition and understanding of underlying concepts that help us to adapt to any system we want to hack. Especially because the IT world is changing extremely fast and staying up-to-date is necessary.
I believe, for anybody who is interested in IT security, as well as developers who should write secure code, it’s important to train hacking creatively.
CTF (Capture The Flag) challenges are kind of like math puzzles for hackers - sometimes they are about exploiting basic issues and sometimes they are very esoteric. But they always require creative thinking. Security trainings, academic education and books will get you far enough to deliver good work, but I believe playing CTFs can make the difference between good or excellent work.
With this talk I want to motivate you to play CTFs and showcase various example challenge solutions, to show you stuff you hopefully haven't seen before and get you inspired to find more interesting vulnerabilities.
Fsec Conference: https://fsec.foi.hr
Recording and Editing by: https://twitter.com/Ministraitor
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://amzn.to/2LW6ldx
→ Graphics tablet:* https://amzn.to/2C8djYj
→ Camera#1 for streaming:* https://amzn.to/2SJ66VM
→ Lens for streaming:* https://amzn.to/2CdG31I
→ Connect Camera#1 to PC:* https://amzn.to/2VDRhWj
→ Camera#2 for electronics:* https://amzn.to/2LWxehv
→ Lens for macro shots:* https://amzn.to/2C5tXrw
→ Keyboard:* https://amzn.to/2LZgCFD
→ Headphones:* https://amzn.to/2M2KhxW
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF
Видео Play CTF! A Great Way to Learn Hacking - Fsec 2017 канала LiveOverflow
For many of us hacking means creativity - if you have ever witnessed a complex heap memory corruption exploit, you realise how close this is to art. But when we look at how IT security is taught, we often see uncreative memorisation of dangerous functions or generally a checklist approach. Nobody can understand or know everything in IT Security and isolation of topics only leads to interesting attack ideas being lost at the topic boundaries. Like in math we rather like to develop an intuition and understanding of underlying concepts that help us to adapt to any system we want to hack. Especially because the IT world is changing extremely fast and staying up-to-date is necessary.
I believe, for anybody who is interested in IT security, as well as developers who should write secure code, it’s important to train hacking creatively.
CTF (Capture The Flag) challenges are kind of like math puzzles for hackers - sometimes they are about exploiting basic issues and sometimes they are very esoteric. But they always require creative thinking. Security trainings, academic education and books will get you far enough to deliver good work, but I believe playing CTFs can make the difference between good or excellent work.
With this talk I want to motivate you to play CTFs and showcase various example challenge solutions, to show you stuff you hopefully haven't seen before and get you inspired to find more interesting vulnerabilities.
Fsec Conference: https://fsec.foi.hr
Recording and Editing by: https://twitter.com/Ministraitor
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://amzn.to/2LW6ldx
→ Graphics tablet:* https://amzn.to/2C8djYj
→ Camera#1 for streaming:* https://amzn.to/2SJ66VM
→ Lens for streaming:* https://amzn.to/2CdG31I
→ Connect Camera#1 to PC:* https://amzn.to/2VDRhWj
→ Camera#2 for electronics:* https://amzn.to/2LWxehv
→ Lens for macro shots:* https://amzn.to/2C5tXrw
→ Keyboard:* https://amzn.to/2LZgCFD
→ Headphones:* https://amzn.to/2M2KhxW
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF
Видео Play CTF! A Great Way to Learn Hacking - Fsec 2017 канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Hacking Competition in Zhengzhou China - Real World CTF Finals 2018Solving a JavaScript crackme: JS SAFE 2.0 (web) - Google CTF 2018Hacking My Instagram AccountWhat do Nintendo Switch and iOS 9.3 have in common? CVE-2016-4657 walk-throughHacking language learning: Benny Lewis at TEDxWarsawDEF CON 25 - Mark Williams, Rob Stanley - If You Give a Mouse a MicrochipBash injection without letters or numbers - 33c3ctf hohoho (misc 350)Student Finds Hidden Devices in the College Library - Are they nefarious?We Hacked a Scammers Webcam - Tech Support ScamExploiting an Integer Overflow (Fire and Ice) - Pwn Adventure 3Injection Vulnerabilities - or: How I got a free BurgerThis Is How Easy It Is To Get Hacked | VICE on HBOHOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128Hacker Breaks Down 26 Hacking Scenes From Movies & TV | WIREDDEF CON CTF 2018 FinalsTop hacker shows us how it's done | Pablos Holman | TEDxMidwestUsing z3 to find a password and reverse obfuscated JavaScript - Fsec2017 CTFWhat is CTF? An introduction to security Capture The Flag competitionsHOW TO GET STARTED IN BUG BOUNTY (9x PRO TIPS)Let’s play a game: what is the deadly bug here?