Disarm Me CTF: Hack, Decrypt, Disable



This is a red team-style mixed capture the flag event that will require you and your team to actively break into an internal network as if you were a hacker. Put on your big kid pants cause this is big time!


Thousands of organizations across the world are grappling with a new supply chain ransomware attack. A nefarious collective of hackers called The League has taken credit, but a consortium of affected organizations is turning to SAVE to take a stand… asking players to turn the tables on The League by breaking into its own network to obtain a release code that would win back their stolen data.


What to expect
Here's the sitch.... Thousands of organizations across the world are grappling with a new ransomware attack and a nefarious collective hackers called The League has taken credit and is demanding ransom. A group of those affected companies are fed up with the barrage of cyber threats and are fighting back. To do that, they've contracted with a gray hat hacking organization called SAVE to break into The League's network and spoil its plans and rattle their cages.


The challenges within this CTF are intermediate-level and hints are provided via in-game chat.

 

Goals and Objectives

Assemble a team of 3-4 players capable of breaking into an internal network as if you were a hacker. Points will be awarded for completing challenges, covertly breaking into The League's network and working collaboratively with your team to obtain the passphrase. Be on the lookout for a few extra flags along the way, too, that can add to your point value but aren't required to finish the game. There are several "side quests" riddled throughout the network that could prove useful for our Intelligence team. Report this information successfully and win more points!

Open Source Tools:

  • Frameworks – Metasploit
  • Post-exploitation – Meterpreter
  • SQL vulnerability detection/exploitation – SQLmap
  • Web Reconnaissance/Exploitation – Burp Suite
  • Directory/File enumeration – Dirbuster, Wfuzz
  • DNS enumeration – Fierce, DNSrecon
  • Password Cracking – John-the-Ripper, Hashcat
  • Network Reconnaissance – NMAP
  • Steganography – Steghide
  • Reverse-Engineering – Ghidra, GDB, Strings

 

Who should attend?

Red team members and offensive security specialists, Penetration testers, security researchers and ethical hackers, Incident responders, CISOs and security managers, Security and network architects, engineers and administrators and Professionals responsible for physical and information security

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government


Event Type
Virtual


This event has no exhibitor/sponsor opportunities


When
Thu, Sep 26, 2024, 9:00am - 5:00pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
World Wide Technology


Contact Event Organizer



Return to search results