Category: Uncategorized

RVAsec 7 CTF

The CTF crew is once again hard at work preparing challenges for this year’s competition. As in the past, the first day of the conference will be CTF prep while the actual competition will take place on Day 2 (Friday, June 8th). Even though it will contain some hard challenges, this is a learning CTF – not just a bash-your-head-against-the-wall competition. As such, there will be plenty of challenges from lockpicking to recon and web exploitation for people of all levels and backgrounds. Additionally, you may choose to compete as an individual or form teams of up to 4 people – there are separate prize categories for both.

You will need an updated Kali machine, but we will provide everything else.

Below is a list of some of the skills/topics that have been covered in previous years.

Entry Level: Primarily aimed at beginners and those with a less technical background, focusing on basic infosec skills and concepts.

  • Rot N encoding
  • Google Fu / OSINT
  • Examining website source code
  • Basic file analysis (eg. file, strings)
  • Trivia

Intermediate: Expect to begin taking a deep dive into the core categories by finding and exploiting vulnerabilities, cracking passwords, etc.

  • Extracting objects from Wireshark dump
  • SQL Injection
  • URL Fuzzing
  • Cracking password hashes (using john, Hashcat, etc)
  • Reverse Engineering and Disassembly

Hard: For our battle-hardened, seasoned CTF players which will challenge competitors to truly think outside the box, crack encryption, exploit binaries, and more.

  • Blacklist filter evasion for SQL Injection
  • Binary Exploitation (buffer overflows and more)
  • Cracking RSA Encryption
  • Multi-step OSINT investigation
  • Hardware

In addition, we are always looking for volunteers to help out with creating and testing all of the problems. If that interests you, please reach out to us at contact [at] metactf.com, and we’ll add you to the mailing list.

We are pleased to announce that CrowdStrike has sponsored the CTF this year!

Finally, good luck to everyone and we’ll see you in June!

 


Mobile Schedule

As  reminder, the RV4sec schedule is available in regular and mobile!


Speaker Feature: Elissa “#LADYBOSS” Shevinsky

Elissa “#LADYBOSS” Shevinsky

@ElissaShevinsky

http://www.businessinsider.com/author/elissa-shevinsky

 

200x200_shevinsky.png (200×200)Elissa Shevinsky is CEO of JeKuDo Privacy Company. JeKuDo is building the best easy to use privacy tools, and is funded by the Mach37 cyber-security accelerator in Virginia.

Shevinsky is a frequent writer and speaker, and most recently gave talks at ShmooCon, DefCon, Pii2014, SXSW, the Computers Freedom and Privacy conference and various Meetups. Shevinsky is also the author of “Lean Out,” an anthology on Silicon Valley culture, published by OR Books.

 

The Changing Legal Landscape for InfoSec: What You Need to Know

As black hat threat actors attack and embarrass American companies and celebrities, the government seeks to show that it is strong on “cybercrime” by going after the most accessible targets – researchers, journalists and “hackers” like you and me.

Changing government policies and recent court decisions have created a climate where individual infosec researchers could be jailed in the course of doing their jobs. It’s a disturbing trend but there are ways to do our work while mitigating our personal risks.

This talk reviews court cases, policy decisions, and the history of hacker convictions, along with analysis from legal experts, to consider best practices for avoiding getting slammed for your research.

 

Register now


Quick Links


RVAsec 2013 CFP is Now Open!

The call for papers for RVAsec 2013 is now open!

Conference: May 30 – June 1, 2013

Location: Richmond, VA

CFP Submission Deadline: February 4th, 2013 at 11:59 PM Eastern


RVAsec is a Richmond, VA based security convention that brings top industry speakers to the midatlantic region. In its first year, RVAsec 2012 attracted 175 security professionals from across the country. For 2013, the conference is expanding to a two day and dual-track format, with a mixed focus on technical and management/business presentations.

All talks must be 55 minutes in length, and submissions will need to select either technical or business/management tracks.

Join us and enjoy the perks!

For more information and requirements, or to submit, please visit:

http://rvasec.com/2013-cfp/