The CTF crew is once again hard at work preparing challenges for this year’s competition. As in the past, the first day of the conference will be CTF prep while the actual competition will take place on Day 2 (Friday, June 8th). Even though it will contain some hard challenges, this is a learning CTF – not just a bash-your-head-against-the-wall competition. As such, there will be plenty of challenges from lockpicking to recon and web exploitation for people of all levels and backgrounds. Additionally, you may choose to compete as an individual or form teams of up to 4 people – there are separate prize categories for both.
You will need an updated Kali machine, but we will provide everything else.
Below is a list of some of the skills/topics that have been covered in previous years.
Entry Level: Primarily aimed at beginners and those with a less technical background, focusing on basic infosec skills and concepts.
- Rot N encoding
- Google Fu / OSINT
- Examining website source code
- Basic file analysis (eg. file, strings)
Intermediate: Expect to begin taking a deep dive into the core categories by finding and exploiting vulnerabilities, cracking passwords, etc.
- Extracting objects from Wireshark dump
- SQL Injection
- URL Fuzzing
- Cracking password hashes (using john, Hashcat, etc)
- Reverse Engineering and Disassembly
Hard: For our battle-hardened, seasoned CTF players which will challenge competitors to truly think outside the box, crack encryption, exploit binaries, and more.
- Blacklist filter evasion for SQL Injection
- Binary Exploitation (buffer overflows and more)
- Cracking RSA Encryption
- Multi-step OSINT investigation
In addition, we are always looking for volunteers to help out with creating and testing all of the problems. If that interests you, please reach out to us at contact [at] metactf.com, and we’ll add you to the mailing list.
We are pleased to announce that CrowdStrike has sponsored the CTF this year!
Finally, good luck to everyone and we’ll see you in June!