To help students gain some additional hands-on experience, I’ll be hosting a CTF (“Capture The Flag”) of sorts on Saturday, December 3. It’s not actually competitive (at least not this year), and is designed to be more of a workshop to help students that don’t have a whole lot of knowledge about application security than an actual CTF. The goal is to make this as accessible as possible for all students, but a reasonable amount of programming experience is necessary to have a meaningful experience. This blog post will explain how the workshop will be laid out, what tools you should download and have ready before you arrive, what skills will be covered in each track and what skills you should be comfortable with for each track. The tracks can be switched between, done or not done, etc. as students see fit. Basically, work on whichever track seems like it will be within your grasp, but still challenging enough to learn something.

While I discuss what things you should know, even if you don’t know them, no harm can arise from you coming to the workshop. Even if you feel completely lost and like you wouldn’t even know where to start on any of the tracks, but you’re interested, you should still come. There will be students with a very wide range of experience levels there, and even if you can’t get past a single challenge, simply hearing explanations of these things and observing other students while they work on things independently or in teams will provide a lot of opportunities for learning.
Continue reading