Current schedule


NOTES:
  • Slides for all lectures / tutorials will be make available to registrants via email

Competition VM Distribution

DATE February 20. A VM image with an Linux OS and the Wep Application CMS (Content Management System). Participants are free to download, begin securing the OS, devise defensive and offensive strategies, review CMS source code, etc. Registered participants will receive an email that directs them to a URL from which to download the VM.
Click here to go to the page from which you can get this VM!

First Meeting. Organizational

DATE March 9. TIME 7-8 pm. PLACE 3-270. Explain how CTF will work: motivation, structure, schedule, structure, rules, and prizes.

Second Meeting. Web Application Basics. Server lockdown

DATE March 11. TIME 7-9 pm. PLACE 3-270. Overview of the Web Application teams will be defending/attacking. Rudiments of securing a linux server.

Office Hours.

DATE March 14. TIME noon-4pm. PLACE 32-D507. We'll be there to answer your questions in person. Feel free to bring a laptop if there's something you need to show us.

Third Meeting. Vulnerability classes.

DATE March 14. TIME 7-9 pm. PLACE 3-270. SQL injection. Cross-site scripting. Remote File Inclusion. File System Traversal. Etc.

Fourth Meeting. Defensive / Offensive Tools

DATE March 16. TIME 7-9 pm. PLCAE 3-270. TamperData, Firebug, RESIN. Google Gruyere

Office Hours.

DATE March 21 and 28. TIME noon-4pm. PLACE 32-D507. We'll be there to answer your questions in person. Feel free to bring a laptop if there's something you need to show us.


Capture the Flag Competition

DATE April 2 & 3. TIME 8:30am-9pm each day. PLACE 26-152. Physical attendance required (no remote participation).
[more details on competition schedule]

Prize Ceremony

This has been moved to occur at 8pm on the 3rd of April, one hour after the competition is over.