Windows Internals CTF
With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.
Final Scores for DEFCON 29 Friday Workshop
Final Scores for DEFCON 29 Sunday Workshop
Final Scores for RSA 2022 Workshop
Scoreboard · Submit Flags
Archived Videos
Texas WWC 2021
GRIMMCON 0x04, 2021
CircleCityCon on June 13, 2021
Archived Scores
Texas WWC 2021
GRIMMCON 0x04
June 10, 2021
CircleCityCon, June 13, 2021
June 21, 2021
WASTC FDW, June 24, 2021
July 11, 2021
Prepare a Windows VM
Recommended
PMA 41: Windows 10 with Analysis Tools
20
Alternative Local System
H 2: Windows 2016 Server Virtual Machine
15
Best Cloud System
PMA 60: Windows 10 on Azure Cloud
15
Alternate Cloud System
PMA 30: Windows 2016 Server on Google Cloud
15
PE Files and DLLs
PMA 105: Process Explorer
10
PMA 102: Unpacking
25
PMA 121: Unpacking with OllyDbg and pestudio
50
PMA 122: PE Headers
50
PMA 123: Importing DLLs
45
PMA 124: DLL Hijacking
15
PMA 125: Installing Visual Studio 2019 (Not needed for Win 10 w Tools VM)
10
PMA 126: DLL Proxying
20
PMA 403: API Monitor
15
Debugging
PMA 301: x86 Assembler with Jasmin
30
PMA 401: Simple EXE Hacking with OllyDbg
120
PMA 402: Hacking Minesweeper with OllyDbg
45
Kernel Debugging
PMA 410c: Kernel Debugging with LiveKD
15
PMA 430: WinDbg Preview
15
PMA 431: WinDbg Preview: Source-Level Debugging
10
PMA 432: WinDbg Preview: Kernel Debugging
35
PMA 433: Kernel Debugging with Breakpoints
30
PMA 434: Debugging a Driver
30
Exploit Development
ED 308: Exploiting "Vulnerable Server" (Local VM) · (Cloud)
25
ED 309: Defeating DEP with ROP
20
ED 318: Exploiting Easy RM to MP3 Converter
30
ED 319: SEH-Based Stack Overflow Exploit (Win 2016) · (Win 10)
65
Bootkits
PMA 420: Bootkit Analysis with Bochs
15
PMA 421: Understanding the MBR
70
TPM 1: Trusted Platform Modules on Windows
15
DOT NET
PMA 132: Reversing a .NET Executable
40
ED 330: Using C# DOT NET
20
ED 331: Dot Net Reflector
45
PowerShell
U-Cen and U-Cyb: PowerShell
75
Rust
R 10: Rust Basics, Overflows, & Injection
35
R 20: Dangling Pointers & Memory Leaks in Rust
35
Disassembly
PMA 303: IDA Pro
40
PMA 304: C Constructs in Assembly
15
PMA 510: Starting with Ghidra
10
PMA 511: Ghidra Data Displays
40
Windows Memory Protections
ED 301: Windows Stack Protection I: Assembly Code
15
ED 302: Windows Stack Protection II: Exploit Without ASLR
15
ED 303: Windows Stack Protection III: Limitations of ASLR
15
ED 310: Windows Mitigations
10
Malware Analysis
PMA 101: Basic Static Techniques
50
PMA 110: capa
15
PMA 131: Custom UPX
25
PMA 221: Basic Dynamic Analysis
60
PMA 222: Making a Windows Keylogger
10
Assembly Language
Prepare a Linux VM
ED 30: Linux Virtual Machine
15
H 201: Google Cloud Linux Server
10
ASM 100: Basics
69
ASM 104: Bases & Printing
40
ASM 105: ASCII
20
ASM 110: Gdb
30
ASM 120: Files
55
ASM 200: Caesar Cipher
35
ASM 210: XOR
20
Virtual Machine Resources
Download Textbook Labs Here
Hypervisors
VMware Player (for Windows hosts, free)
VMware Fusion (for Mac hosts, 30-day trial)
VirtualBox (free for all platforms)
Zoom: https://zoom.us/j/4108472927
Password: student1
TPM 1 added 7-6-2021