Click here to read this page in German.

Since we clearly prefer computer viruses over real viruses like COVID-19, our workshop will be POSTPONED to an yet unknown date!

Registrations are still open, so you can reserve your seat in the meantime. We will send you an e-mail and let you confirm your registration again as soon as the new date is fixed.

Stay safe and see you soon!

Become a Hacker


Register for free!


SIGFLAG is looking for new members, again! And we want to let you get a taste of hacker air. In this workshop you will learn about the most important hacking categories and can apply your knowledge on different tasks. The experienced SIGFLAG members actively support you in the process. The aim of the workshop is also to get an insight into typical tasks at Security CTF Competitions.


REVERSE PWN WEB MOBILE

AI CRYPTO STEGO FORENSIC


When? Friday, March 27, 2020 from 12:30 to 18:00

Where? JKU Linz, Uni Center (Mensa), 2nd Floor - Altenberger Straße 69, 4040 Linz

Language? Presentations in DE. Slides in EN. Support during the workshop in DE + EN.

I only speak English. Is this workshop for me?

Yes. The slides will be in English, the necessary resources will be in English and our SIGFLAG team members will answer your questions in English. It may even be possible to cover some parts of the introduction in English as well.


Costs?

Free entry after free registration.
Free drinks. Free snacks.

We thank our sponsors ARES Cyber Intelligence, Dynatrace and epunkt for their active support. Thanks to them there will be drinks and snacks for free.


ARES Cyber Intelligence


How does the workshop work?

12:30. Our team members will introduce the hacking categories with examples and show you how best to approach the various tasks.

14:00. The hacking starts. Challenges with increasing levels of difficulty await you in each category. This will allow you to either try out all the categories for a moment or immerse yourself in a single one - depending on what you enjoy! You do not get on with a task? You do not know how to start? No problem: The experienced members of SIGFLAG will help you with tips and tricks.

18:00. After 4 hours we will complete the free hacking and present a few solutions for individual challenges. The challenges will be available online for even longer, so you can continue hacking at home.


What do I have to bring?

Your own laptop, programming skills and the curiosity and willingness to independently dive into new things. It is also important that you are enthusiastic about a category of your choice - then you will be able to accomplish its tasks as well.

For some categories, we recommend that you have some prior knowledge. These requirements and recommendations can be found in the description of the categories below.

As some advanced tools are only available on Linux, below you will find instructions on how to set up a Linux VM.


How do I set up the SIGFLAG VM?

We are still working on an updated version of the SIGFLAG VM.
Register now and receive a mail from us as soon as the VM is ready.


From which hacking categories can I choose one or more?

Reverse Engineering Pwning The code is compiled and can only be read by machines: that’s it? Not for reversers: we break down the program into its individual parts, reconstruct methods, observe the control flow and find data structures. And in pwning we use everything we can to let a program play and jump by our rules. Buffer overflows on the stack, buffer overflows on the heap, ROP chains and, with a bit of luck, a shell as well.

Required      Basic C skills + SIGFLAG VM
Recommended   Course: Systems Programming + Course: Secure Code


Web Security PHP web pages, SQL databases and JavaScript code provide a broad attack surface. In this category we break into the backend of a homepage or just dump a backup of the webservers database.

Required      A browser (e.g. Firefox or Chrome) + Basic web skills
Recommended   SQL expertise + JavaScript expertise + Course: Web Security


Mobile Security Mobile first! You are not trusting your banking app? Then we should grab the APK and take a closer look at the source code. In this category, we’ll decompile your favourite app and change it to suit our needs.

Required      DEX decompiler + Java expertise
Recommended   Android Studio + Android smartphone (or emulator)


Artificial Intelligence Adversarial Machine Learning has shown us how easily neural networks can be fooled. Don’t worry, we don’t expect you to reverse a neural network with Activation Maximization, but that’s the direction our challenges will take.

Required      Basic linear algebra + machine learning skills
Recommended   Course: LSTM and Recurrent Neural Nets


Cryptography This category is about decrypting secret messages. Together we crack everything from ancient methods such as Caesar ciphers to today’s standard algorithms such as RSA - or at least find a flaw in the implementation ;) If you like to decompose complex patterns and have a weakness for mathematics, this will certainly be the category for you.

Required      Any programming or scripting language (e.g. Python)
Recommended   Course: Cryptography


Steganography Forensic Flags in pictures. Flags in text. Flags in audio. Flags in videos. Flags - just about anywhere. Steganographers hide information in other media, “hidden in plain sight”. And forensic experts search for structure in confiscated hard drives and network traffic dumps.

Required      Any programming or scripting language (e.g. Python)
Recommended   Knowledge about media files + Usage of hex editors


I am an IT security professional. Is this workshop for me?

Yes. Even professionals will get something out of this workshop. Show us your skills! The higher levels are very tricky and we are curious if you can solve them all. Alternatively, this workshop also offers you the opportunity to discover new hacking categories.


I have never solved such challenges before. Is this workshop for me?

Yes. We introduce different hacking categories and in each category the first level is very simple. This gives you the opportunity to peek into each category and find out if you like it. You can also solve a task together in the team and get tips from our experienced members. Also see here, where we describe what you should bring with you.


Register for free!

Open questions? Drop us an e-mail to info ~ at ~ sigflag.at