The RV4sec CTF dev team has been hard at work for the last few months cooking up some great new challenges for this year’s Capture the Flag (CTF) event. We’re sticking with the tiered approach in an effort to bring a healthy mix of educational challenges, along with more difficult “hack the Gibson” challenges.
However, this year’s CTF has a new twist! We are combining the CTF you know and love with live bug hunting with the help of Bugcrowd! Bugcrowd has run Bug Bashes at conferences before, but we are taking it to the next level at RV4sec: we’ll be incorporating aspects of the live Bugcrowd bug bounty system into the CTF scoring. This means you can get involved in finding real live bugs on systems and they will count for points in the CTF. Isn’t that excellent?!
The CTF has been a big success the last few years, and we are working hard to ensure that it continues to educate and provide a fun, safe environment to learn many aspects of IT, IT security, hacking and defending.
We are also working with Bugcrowd to allow CTF participants the ability to give back to the community. We are working on a process to allow local companies and not-for-profit organizations the ability to sign up to have their security tested as part of the CTF. The live bug hunting aspect will provide real organizations security testing so they can better understand and improve the security posture of their online presence. In the end, isn’t that what IT security should be about? We hope to provide more information on this very soon!
The CTF team is a mix of folks from many different facets of IT: we’ve got incident responders, hacker trackers, IT directors, pentesters, IT managers and everything in between. These folks have a passion for technology, enjoy exploratory dives into interesting problems, and want to share the joy, fun, frustration, learning, and general shenanigans that make the RV4sec CTF so much fun!
Our hope is that a healthy mix of folks will also come to participate in the free CTF hosted at RV4sec. We want everyone to come out and play, whether you’re new to tech, or you remember putting your first program on punch cards. Come out, plug in (well it’ll be wireless, but…) and get hacking, teaching, and learning.
Also, feel free to tweet us things you’d like to see in the CTF. It’s getting close but there may be time to get the ideas into a challenge. Use hashtag #rv4secctf and tweet to @pipefish_, @mpbailey1911, or even @RVAsec with ideas and we’ll see what we can do.
Thanks again to UNOS for sponsoring the CTF, as well as the other organizations donating prizes.
We’ll see you there, and keep your eyes peeled for more information soon!