List of ctfs
- Hack-A-IoT CTF is a mix between real life exploitation involving both N-Days and 0-Days. Just like traditional CTFs there is both web and binary exploitation, but this time it’s against real targets. A corpus consisting of over 25 real life IoT devices will be made available. Devices will consist of home routers and IP cameras. Most devices will already have UART pins soldered on, and firmwares available. Contestants will try to find as many vulnerabilities as possible on as many targets. Vulnerabilities can be 0-days or N-days. Any categories of vulnerabilities that provide a capability is acceptable, but configuration issues will not be scored. For example, we are not interested in the fact credentials are transmit via clear text, but those credentials can be utilized for more advanced features. Vulnerabilities will be submitted in the form of an exploit script written in a sane programming language, raw binaries will not be tested or run.
- Requirements:Bring your laptop in order to play
- Timing: All day
- Threat Simulations is presenting a “Hack Back” Capture the Flag (TS//CTF) for attendees of BSidesSATX. This CTF is mostly centered around a hack back scenario that starts with a piece of malware and ends in exploiting the command and control (C2) server and swimming upstream into red space. This challenge requires skills in malware analysis/reversing, fuzzing, and remote exploit development. The other half of the TS//CTF is a jeopardy board style with challenges ranging in difficulty and covering topics from crypto, cracking, web attacks, networking and linux exploitation.
- Requirements: Bring your laptop with WiFi capabilities
- Timing: 9am-4pm