Securing Web Apps 2020 CTF

With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.

Scoreboard · Submit Flags

Burp, ZAP, & Postman

W 510: Intro to Burp  60
W 520: SAML  15
W 230: Manual Audit of Hackazon  20
W 530: Exploiting ECB Encryption  75
W 200: Google Cloud Linux Servers  15
ED 290: Desktop on a Cloud Linux Server  10
W 220: Zed Attack Proxy  20
W 300: Using an API with Postman  15
W 301: Using the Github API with Postman  10

Splunk & Suricata

W 201: Drupal and Splunk  20
W 202: Using Splunk with Suricata  20

Networking

H 410: Nmap  40
H 420: Wireshark  110
W 210: Shadowsocks Proxy  15

Splunk Boss of the SOC

Boss of the SOC v1: Threat Hunting with Splunk  325

Basic Defenses

W 10: Configuring an HTTPS Server  15
W 20: reCAPTCHA  15
W 30: CanaryTokens  5

Command Injection

OWASP Top Ten
H 110: Linux Journey  83
ED 102: Command Injection  60
ED 103: SQLI Challenges  185
ED 104: CMD Injection  40
ED 105: Server Side Template Injection (SSTI)  35
W 401: Command Injection on Salt  30
ED 106: PHP-FPM Command Injection  15

Last updated 6-13-2020 9:04 am