Offensive Computer Security and Offensive Network Security at FSU

This spring FSU’s CS Department is offering two amazing classes on offensive security topics.

Offensive Computer Security and Offensive Network Security both feature video-taped lectures and hands on exercises covering x86 reverse engineering, modern exploit development, network exploitation and reverse engineering, web application exploitation, forensics and much more! You should definitely check each out if you are interested in infosec!

CSAW CTF 2013

It’s almost that time again.  Last year N0L3ptr came in 23rd place among North American universities.  In this year’s competition, the top 10 teams will have an undergraduate team flown out to NYU Polytech to compete in person at the final round.  This has always been a great career opportunity for undergraduates, as winning teams are usually showered with job offers.

CSAW CTF 2013 will begin this Thursday until Sunday. Everyone is welcome to attend and participate! We will have roughly 12 beefy desktops available with a VM and tools installed (laptops are welcome too). Physical presence isn’t required. We encourage remote collaboration via our IRC channel, Google groups, Google docs, and Google hangout.

Time and Date: Thursday 6:00 PM EDT – Sunday 6:00 PM EDT
Location: LOV 010 basement Security Lab
IRC: freenode servers #noleptr to request invite to ##noleptr
Links: n0l3Ptr google group (username/password for csaw login available in Google groups), CSAW CTF 2013

FLORIDA CTF

N0L3ptr (FSU), White Hatters (USF), Knight$ec/HackUCF (UCF), and Kernel Sanders (UF) have united to put on a CTF this October!  There will be two brackets: Florida students, and everyone else (professional).  Signup is at http://floridactf.org/

We encourage everyone to go there in person to play and to most importantly network with other students and professionals here in Florida.  There will be cash prizes for the wining Florida student team(s) – but team size is limited to size of 4.  Representatives from each Florida school will verify that all your teammates are actual students, before prizes are awarded.

Put a team together, go sign up, and stay tuned!

-Owen

Spring CTFs

Upcoming CTFs as of now are:

Ghost in the Shellcode 2013 – Feb 14th @ 19:00 EDT – Feb 16th @ 19:00 EDT
RuCTF Quals 2013 – March 08th @ 11:00 — March 10th @ 12:00 EDT

We’re planning on participating in both of these, so if you’re interested contact either Owen or Ivan. We welcome ALL skill levels; we treat CTFs as educational experiences, and hope everyone can learn something from them.

– Ivan

Spring 2013 Workshops / Meetings

Hey everyone!  We’re starting up our meetings again, and we’re going to try and video record (screencast style) each workshop and post them online here!

Our meeting details:
Every tuesday @ 1pm, in the LOV 010 room (security lab in the basement)

Cheers!
-Owen 

*Update: The next workshop will be intermediate SQLi followed (tentatively) by an overview of the history of cyber warfare the week after.

SQLi Workshop Slides

11/7/2012’s workshop on SQL injection slides can be found here: https://docs.google.com/presentation/d/1I97AFWgk6SXlX5G14557l74AzxoWufmGPbRh_DVd2E8/edit

See the SQLi to shell Exercise post below to see notes on how to get the target iso up and running with networking in Virtual Box.

If you are interested in sharpening your web application hacking skills, I highly suggest checking out OWASP’s  BrokenWebApp project here https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project

They have a target vm that can be downloaded here: http://sourceforge.net/projects/owaspbwa/files/