
An Introduction to CyberSec and CTFs
d4rkc0de
Mehul (sociallyencrypted)

Do you think you've ever been hacked?
haveibeenpwned.com

the target data breach in numbers

In 2013, Target suffered a data breach that led to the attackers stealing tons of end-user data. Let's talk about it in numbers:

40 mil. - the number of credit cards stolen
70 mil. - the number of user records stolen
46 - the percentage drop at Target in 2013 Q4
300 mil. - the money it cost Target in lawsuits

Source: KrebsOnSecurity

"When we lose our principles, we invite chaos" ~Irving, Mr. Robot S3E1

"No system is as perfect as it seems."

so, where does this all begin?

Just like physical security protects physical property, cybersecurity protects computer systems.
Cyber Security aims to prevent cybercriminals from accessing, harming, disrupting, or modifying IT systems and applications.
It's important for SDEs to know how to code securely and keep their info secure.

"That’s the thing about machines. They
are never truly unbreakable."

how does security work?

Contrary to what intuition would say, cybersecurity requires you to learn offense rather than defense.
You can only know your flaws when you hack yourself.

"The only way to patch a vulnerability is
by exposing it first."

umm, what?

The act of testing your own systems for flaws (vulnerabilities) and patching them is called penetration testing or pentesting.

This work is split between three kinds of teams:
Red Teams are offensive security-focused.
Blue Teams defend against system attacks.
Purple Teams are both offensively and defensively minded.

"Believe me if you pull the right strings, a
puppet will dance any way you desire."

"how do i begin? i don't know what to do."

Capture the Flag competitions (CTFs) are emulations of real-world hacking.
They have miniature versions of systems and services that the player can exploit.
Exploiting each system gives you a text file that has a "flag" which looks like flag{random_text_here}
Finding each flag fetches you points. More points take you higher on the leaderboard.

"It’s time to finally take back control. Real control."

why should you do CTFs?

Help you understand vulnerabilities.
Give you a space to experiment in an ethical manner.
They're fun.
Each solve feels like a "Eureka!" moment.
Teach you how to cope with failure.
Prizes!!

CTFs in pop culture

CTFs irl :D

types of CTF chals

Reverse Engineering: Taking a compiled (binary) program and converting it back into code to find the vulnerable functions in it.
Web Exploitation: Finding issues related to how websites function and finding flaws in the way they work.
Pwn: Imagine owning a website. Duh, how about you own entire systems? That's pwning.

types of CTF chals

Cryptography: We've all heard of "encryption". These challenges involve finding flaws in an encryption method and breaking it.
OSINT: Deriving from data and information that is available to the general public. It’s not limited to what can be found using Google, there is just so much more. #StalkingOnSteroids
Forensics: Finding hidden data in seemingly ordinary files and digital media

what do you need to get started?

Any basic laptop works
macOS and Linux can run tools out-of-the-box
Windows users need to install a Linux VM or WSL
A list of essential tools will be shared on the discord server

how do you learn hacking?

TryHackMe: the theory of information security, challenges with walkthroughs
PicoCTF gym: practice problems of all levels and types
HackTheBox: full fledged pwn-able machines
ctftime.org: upcoming CTF events
Whenever in doubt, google!


let's try it hands on!

OSINT: CTFAcademy
Web: PicoCTF
Crypto: ZDRya2MwZGV7Y3J5cHRvZ3JhcGh5X3Byb19tYXh9 (flag format is d4rkc0de{})
Forensics: exif.jpg
Rev: ''.join([chr(ord(flag[i])+193) for i in range(0, len(flag))]) gives ĥõijĬĤñĥĦļijĦķĦijĴĪįĨĠĨİĠģijijijijľ (flag format is d4rkc0de{})
Pwn (repl)

"You wanna know what I
believe? That this isn’t the end, that there’s another world out there for the both of us, that we’ll see each other again. Will you believe with me?"

https://discord.gg/uP3bFcm6yp
https://t.me/joinchat/QuKJ5QEQAK-6Z__J
https://d4rkc0de.iiitd.edu.in
