After successful completion of the course, students are able to fundamentally understand capture the flag (CTF) contests that are commonly used in the security community to train and upgrade skills. Students will be able to use their technical skills in a competitive environment effectively together in a team. Students will have exercised how to integrate their individual strengths in a CTF team while complementing their weaknesses. They will have exercised different ways to prepare themselves for various forms of contests, and will be trained in actively collaborating with each other during contests. Furthermore, students will a have learned organisational aspects of CTF teams and CTF competitions.
Knowledge of basic aspects of the following topics will be acquired:- Characteristics of CTFs- CTF platforms- CTF writeups- Tools and exploit scripting- Infrastructure of attack/defense CTFs- Automated analysis of network traffic- Communication and collaboration strategies- Organisation of a CTF team- Organsiation of a CTFFurthermore, practical skills in the following areas will be exercised and strengthened:- Programming/scripting- Algorithms- Web security- Binary exploitation- Reverse engineering- Application security- Mobile security- Cryptography- Forensics
Together with the instructors, necessary concepts will be worked out. Instructors provide guidance for self-study and preparation for the contests. Within the scope of CTF competitions the timely and collaborative solving of various practical IT security and computer science problems is practiced. Individual practical skills are trained, previous knowledge is extended and improved.Students participate as a team in multiple international CTF competitions during the semester. After the participation, students complete and document their solutions in the form of writeups. Lastly, students present one of their submitted writeups.
Effort for the student (ECTS-Breakdown): Preliminary talk: 0.5 h Discussions and presentations: 24.5 h Self Study: 80 h CTF participations: 30 h Documentation: 15 hTotal: 150 hours (6 ECTS)
Please direct general questions to lva.security@inso.tuwien.ac.at.
Writeups about the CTF participations and presentation of one writeup.
Not necessary
Basic knowledge and practical skills in at least 2 of the areas mentioned above are required.