FYI. You've heard me talk about this before. I think it's something NLUG should implement.
I'll be getting some hands-on experience with it in September at DragonCon, as I'll be assisting Keith in running it for the EFF event track (ie - all things hacker/internet/law). Further info & github repository: http://www.cc.gatech.edu/~krwatson/ http://www.cc.gatech.edu/~krwatson/ctf.html ---------- Forwarded message ---------- From: Watson, Keith R. Date: Wed, Jun 7, 2017 at 11:09 AM Subject: [Dc404-Chat] How to build your own CTF challenge box and CTF training To: "dc404-c...@lists.kaos.to" <dc404-c...@lists.kaos.to> We (brimstone and I) have been running NetKotH at DC404 and atl2600 meetings since the end of last year. The most common question we get is, "how do I build my own CTF challenge box?" That's not the exact wording but an amalgamation of all the questions. So I'm going to put together a DC404 presentation on the basics of building a CTF challenge box. Do you all want to do this before or after DEFCON? I plan to make this like an install fest/demo. I'll post the information in advance on what you will need to bring. If you can do most of the preparation in advanced this would be great and if you get stuck bring your machine and questions. The idea would to install VirtualBox, a Kali Linux VM, and one challenge box (probably Metasploitable2). I also asked if the group was interested in CTF training. The overwhelming answer was yes but not to take up all the meeting time. It seems the best solution would be to do some short presentations/demonstrations using the CTF Challenge Box to go over each step of an attack: Reconnaissance Scanning Exploitation Keeping Access Covering Tracks This will get people started. I'm also considering doing one or more longer training sessions outside of the meeting. The issues to be resolved: 1. What day of the week 2. How many sessions 3. How often 4. Physical or virtual meeting or a combination of the two 5. Where to meet 6. I'll need help with this from experienced pentesters/CTF participants What do you all think? keith -- Keith R. Watson GCIH Georgia Institute of Technology Information Security Engineer Lead College of Computing ~snip~ -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.