Resources
Recommended Setup
We recommend you set up a Kali linux virtual machine to do CTF challenges in as kali has most of the tools you will need already installed. To set this up follow these steps:
- Download and install VirtualBox
- Download the Kali Linux OVA
- Torrenting this may speed up your download; to download a torrent you need a bittorrent client. Qbittorrent or Transmission are good free bittorrent clients.
- Open VirtualBox
- Press the “import” button in the top bar
- In the popup select the downloaded Kali Linux OVA file
- Press continue and agree to the terms
- Press start to launch your VM
- The default login credentials are username:
kali
password:kali
- The default login credentials are username:
Presentations
Presentations 2021
No | Topic | Date | Files |
---|---|---|---|
14 | Big Hak Preppers | 16/03/22 | |
13 | Reverse engineering + Cracking | 02/03/22 | pdf demo files |
12 | Wireless Attacks | 16/02/22 | |
11 | Binary Exploitation | 09/02/22 | pdf demo files |
10 | Log4Shell | 02/02/22 | |
9 | Memory Forensics | 01/12/21 | |
8 | CTF things | 17/11/21 | |
7 | Digital forensics | 10/11/21 | |
6 | LFI + SSTI + SSRF + Prototype pollution | 03/11/21 | |
5 | Password authentication and best practices | 27/10/21 | |
4 | Linux essentials + PrivEsc | 20/10/21 | |
3 | SQLi + XSS | 13/10/21 | |
2 | Kali Setup + Command Injection | 06/10/21 | |
1 | OSINT + Crypto | 29/09/21 |
Presentations 2020
No | Topic | Date | Youtube |
---|---|---|---|
6 | Binary | N/A | YouTube |
5 | Web Apps | N/A | YouTube |
4 | Wireshark | N/A | YouTube |
3 | OSINT | 07/10/20 | YouTube |
2 | CTF Setup | 14/10/20 | YouTube |
1 | Introduction to reverse engineering | 21/10/20 | YouTube |
Presentations 2019
Topic | Date | Powerpoint | |
---|---|---|---|
Fresher’s session | 25/09/19 | pptx | |
Web exploitation | 02/10/19 | pptx | |
Networking and Forensics | 09/10/19 | pptx | |
Reverse Engineering | 16/10/19 | pptx | |
CTF Fundamentals | 23/10/19 | pptx |
Learning resources
Description | Link |
---|---|
Gamified learning platform | Immersive Labs |
Cyber security MOOCs | Cybrary |
Web security training with burp suite | WSA by PortSwigger |
Intro to security | Cyber Aces by SANS |
Game related hacking (Req: knowledge of C/C++) | GuidedHacking |
InfoSec livestreams list | InfoSecstreams |
Exploit cheat sheet | HackTricks |
InfoSec youtubers
- John Hammond (InfoSec news and tutorials)
- LiveOverflow (how to think in cyber sec)
- PwnFunction (vulnerability explanations)
- The Cyber Mentor (pen testing techniques)
- IppSec (HTB walkthroughs)
- Seytonic (cyber security news)
Vulnerable boxes / CTFs
Description | Link |
---|---|
Security related wargames | Over The Wire |
Educational VMs and CTFs | Try Hack Me |
Download vulnerable VMs | Vuln Hub |
Vulnerable VMs hosted online | Hack The Box |
CTF calendar | CTF Time |
CTFs by NYU | CSAW CTF |
CTFs - Qualifiers for Defcon ctfs | Defcon CTFs |
Cryptography challenges | Cryptopals |
RE challenges | IO Wargame |
RE challenges by FireEye | FlareOn CTFs |
Other Fun Tools
Category | Description | Tools |
---|---|---|
Networks | A network packet sniffer/analyser | Wireshark |
Debugger | x86 debugger | OllyDbg |
Reverse Engineering | NSA RE tool .text fix | Ghidra |
Disassembler | X | IDApro (Freeware) |
Disassembler | X | IDApro (Evaluation) |
Decompiler | Java decompiler | JD-GUI |
Decompiler | python decompiler | Uncompyle2 |
Web App | Web pen testing framework | Burp Suite |
AutoRecon | Automatically scan services with an array of pentesting tools | AutoRecon |