SecGen/README-CyBOK-CTF-Scenarios-Indexed.md
Z. Cliffe Schreuders 54c5cb6c43 CyBOK listing update
2022-02-28 12:25:42 +00:00


# CTF Scenarios and CyBOK
The Cyber Security Body of Knowledge (CyBOK) is a body of knowledge that aims to encapsulate the various knowledge areas present within cyber security. Scenarios within SecGen now contain XML elements linking them to CyBOK knowledge areas and specific topics within those knowledge areas. Additionally, video lectures for scenarios are tagged with CyBOK associations.
This file is an autogenerated index and cross referencing of the 31 SecGen CTF scenarios that have CyBOK metadata.
You can browse the list below in terms of the [CyBOK Knowledge Areas, and Topics](#scenarios-indexed-by-cybok-knowledge-area-ka). The [list of scenarios](#scenario-cybok-keywords) in the second half of this document includes keywords (also known as "indicative topics" in CyBOK terminology).
> Topics and keywords in all lowercase are provided by NCSC for CyBOK mapping; those in all caps are taken from the [CyBOK mapping reference](https://www.cybok.org/media/downloads/CyBOk-mapping-reference-v1.1.pdf); mixed-case keywords are ones that we have added.
> Cyber Security Body of Knowledge (CyBOK) Issue 1.1 is Crown Copyright, The National Cyber Security Centre 2021, licensed under the Open Government Licence http://www.nationalarchives.gov.uk/doc/open-government-licence/.
# Scenarios Indexed By CyBOK Knowledge Area (KA)
[Authentication, Authorisation &amp; Accountability (AAA)](#authentication,-authorisation--accountability-aaa)</br>
[Operating Systems &amp; Virtualisation (OSV)](#operating-systems--virtualisation-osv)</br>
[Cryptography (C)](#cryptography-c)</br>
[Web &amp; Mobile Security (WAM)](#web--mobile-security-wam)</br>
[Malware &amp; Attack Technology (MAT)](#malware--attack-technology-mat)</br>
[Software Security (SS)](#software-security-ss)</br>
[Security Operations &amp; Incident Management (SOIM)](#security-operations--incident-management-soim)</br>
[Adversarial Behaviours (AB)](#adversarial-behaviours-ab)</br>
[Forensics (F)](#forensics-f)</br>
[Privacy &amp; Online Rights (POR)](#privacy--online-rights-por)</br>
[Network Security (NS)](#network-security-ns)</br>
## Authentication, Authorisation &amp; Accountability (AAA)
### AAA Scenarios
[access_can_roll.xml](#access_can_rollxml)</br>[all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[container_escape.xml](#container_escapexml)</br>[encoding_challenges.xml](#encoding_challengesxml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[nw_cyber_games.xml](#nw_cyber_gamesxml)</br>[post_it.xml](#post_itxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### AAA Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Authorisation | [access_can_roll.xml](#access_can_rollxml)</br>[all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[container_escape.xml](#container_escapexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
Authentication | [encoding_challenges.xml](#encoding_challengesxml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nw_cyber_games.xml](#nw_cyber_gamesxml)</br>[post_it.xml](#post_itxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
## Operating Systems &amp; Virtualisation (OSV)
### OSV Scenarios
[access_can_roll.xml](#access_can_rollxml)</br>[all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[container_escape.xml](#container_escapexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[nosferatu.xml](#nosferatuxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### OSV Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Primitives for Isolation and Mediation | [access_can_roll.xml](#access_can_rollxml)</br>[all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[container_escape.xml](#container_escapexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[nosferatu.xml](#nosferatuxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
Role of Operating Systems | [container_escape.xml](#container_escapexml)</br>
## Cryptography (C)
### C Scenarios
[access_can_roll.xml](#access_can_rollxml)</br>[analyse_this.xml](#analyse_thisxml)</br>[encoding_challenges.xml](#encoding_challengesxml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_decode_me.xml](#ff_decode_mexml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[nw_cyber_games.xml](#nw_cyber_gamesxml)</br>[post_it.xml](#post_itxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### C Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Public-Key Cryptography | [access_can_roll.xml](#access_can_rollxml)</br>[encoding_challenges.xml](#encoding_challengesxml)</br>
Symmetric Cryptography | [analyse_this.xml](#analyse_thisxml)</br>[encoding_challenges.xml](#encoding_challengesxml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_decode_me.xml](#ff_decode_mexml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[nw_cyber_games.xml](#nw_cyber_gamesxml)</br>[post_it.xml](#post_itxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
## Web &amp; Mobile Security (WAM)
### WAM Scenarios
[all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[container_escape.xml](#container_escapexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[nosferatu.xml](#nosferatuxml)</br>[rand_webapp.xml](#rand_webappxml)</br>[rand_webapp_adv.xml](#rand_webapp_advxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### WAM Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Server-Side Vulnerabilities and Mitigations | [all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[nosferatu.xml](#nosferatuxml)</br>[rand_webapp.xml](#rand_webappxml)</br>[rand_webapp_adv.xml](#rand_webapp_advxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
Fundamental Concepts and Approaches | [brief_case.xml](#brief_casexml)</br>[container_escape.xml](#container_escapexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[rand_webapp.xml](#rand_webappxml)</br>[rand_webapp_adv.xml](#rand_webapp_advxml)</br>
## Malware &amp; Attack Technology (MAT)
### MAT Scenarios
[all_moin.xml](#all_moinxml)</br>[container_escape.xml](#container_escapexml)</br>[expert_reversing.xml](#expert_reversingxml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[immersing_reversing.xml](#immersing_reversingxml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rehearsing_reversing.xml](#rehearsing_reversingxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### MAT Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Attacks and exploitation | [all_moin.xml](#all_moinxml)</br>[container_escape.xml](#container_escapexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
Malicious Activities by Malware | [all_moin.xml](#all_moinxml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
Malware Analysis | [expert_reversing.xml](#expert_reversingxml)</br>[immersing_reversing.xml](#immersing_reversingxml)</br>[rehearsing_reversing.xml](#rehearsing_reversingxml)</br>
## Software Security (SS)
### SS Scenarios
[all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[rand_webapp.xml](#rand_webappxml)</br>[rand_webapp_adv.xml](#rand_webapp_advxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### SS Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Categories of Vulnerabilities | [all_moin.xml](#all_moinxml)</br>[brief_case.xml](#brief_casexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[rand_webapp.xml](#rand_webappxml)</br>[rand_webapp_adv.xml](#rand_webapp_advxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
## Security Operations &amp; Incident Management (SOIM)
### SOIM Scenarios
[all_moin.xml](#all_moinxml)</br>[analyse_this.xml](#analyse_thisxml)</br>[banner_grab_and_run.xml](#banner_grab_and_runxml)</br>[container_escape.xml](#container_escapexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rand_webapp.xml](#rand_webappxml)</br>[rand_webapp_adv.xml](#rand_webapp_advxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### SOIM Scenarios by Topics
| Topic | Scenario |
| --- | --- |
PENETRATION TESTING | [all_moin.xml](#all_moinxml)</br>[banner_grab_and_run.xml](#banner_grab_and_runxml)</br>[container_escape.xml](#container_escapexml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rand_webapp.xml](#rand_webappxml)</br>[rand_webapp_adv.xml](#rand_webapp_advxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
Monitor: Data Sources | [analyse_this.xml](#analyse_thisxml)</br>
## Adversarial Behaviours (AB)
### AB Scenarios
[all_moin.xml](#all_moinxml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### AB Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Models | [all_moin.xml](#all_moinxml)</br>[eyearesee.xml](#eyeareseexml)</br>[feeling_blu.xml](#feeling_bluxml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[ff_that_escalated_quickly.xml](#ff_that_escalated_quicklyxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[hackme_crackme.xml](#hackme_crackmexml)</br>[nosferatu.xml](#nosferatuxml)</br>[post_it.xml](#post_itxml)</br>[ptsd.xml](#ptsdxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[smash_crack_grab_run.xml](#smash_crack_grab_runxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
## Forensics (F)
### F Scenarios
[all_moin.xml](#all_moinxml)</br>[analyse_this.xml](#analyse_thisxml)</br>[banner_grab_and_run.xml](#banner_grab_and_runxml)</br>[encoding_challenges.xml](#encoding_challengesxml)</br>[ff_decode_me.xml](#ff_decode_mexml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[nw_cyber_games.xml](#nw_cyber_gamesxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>
### F Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Artifact Analysis | [all_moin.xml](#all_moinxml)</br>[analyse_this.xml](#analyse_thisxml)</br>[banner_grab_and_run.xml](#banner_grab_and_runxml)</br>[encoding_challenges.xml](#encoding_challengesxml)</br>[ff_decode_me.xml](#ff_decode_mexml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[flawed_fortress.xml](#flawed_fortressxml)</br>[nw_cyber_games.xml](#nw_cyber_gamesxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>
## Privacy &amp; Online Rights (POR)
### POR Scenarios
[all_moin.xml](#all_moinxml)</br>
### POR Scenarios by Topics
| Topic | Scenario |
| --- | --- |
Privacy Technologies and Democratic Values | [all_moin.xml](#all_moinxml)</br>
## Network Security (NS)
### NS Scenarios
[analyse_this.xml](#analyse_thisxml)</br>[banner_grab_and_run.xml](#banner_grab_and_runxml)</br>[container_escape.xml](#container_escapexml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[nosferatu.xml](#nosferatuxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
### NS Scenarios by Topics
| Topic | Scenario |
| --- | --- |
OSI (OPEN SYSTEM INTERCONNECT) MODEL | [analyse_this.xml](#analyse_thisxml)</br>
PENETRATION TESTING | [banner_grab_and_run.xml](#banner_grab_and_runxml)</br>[container_escape.xml](#container_escapexml)</br>[ff_hackme_corp.xml](#ff_hackme_corpxml)</br>[ff_in_the_wild.xml](#ff_in_the_wildxml)</br>[ff_leaked.xml](#ff_leakedxml)</br>[nosferatu.xml](#nosferatuxml)</br>[putting_it_together.xml](#putting_it_togetherxml)</br>[rooting_for_a_win.xml](#rooting_for_a_winxml)</br>[rooting_for_a_win_user.xml](#rooting_for_a_win_userxml)</br>[such_a_git.xml](#such_a_gitxml)</br>[time_to_patch.xml](#time_to_patchxml)</br>
# Scenario CyBOK Keywords
## access_can_roll.xml
### Details
| Key | Data |
| --- | --- |
|Name | Access can roll |
|Description | </br>There are two problem solving access control challenges on the server. Look at the home directories and the .c files.</br></br>1: Use the access_my_flag program to access the two flags (hint: think about how you can use hardlink trickery to access relative paths).</br></br>2: Look at the two shell programs and how you can combine them together to get at a flag.</br></br>Your password on both systems is: tiaspbiqe2r</br> |
|Type | ctf-lab; hackerbot-lab; lab-sheet |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| shared_desktop; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Real and effective identity; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Unix File Permissions; setuid/setgid; Hardlink protections |
| Cryptography (C) | Public-Key Cryptography | public-key signatures |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/access_can_roll.xml run```
[View source](scenarios/ctf/access_can_roll.xml)
## all_moin.xml
### Details
| Key | Data |
| --- | --- |
|Name | All moin |
|Description | Hack the web_server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; web_server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Web &amp; Mobile Security (WAM) | Server-Side Vulnerabilities and Mitigations | server-side misconfiguration and vulnerable components; Directory traversal |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS; DIRECTORY TRAVERSAL |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
| Forensics (F) | Artifact Analysis | STEGANOGRAPHY; METADATA |
| Privacy &amp; Online Rights (POR) | Privacy Technologies and Democratic Values | STEGANOGRAPHY; METADATA |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/all_moin.xml run```
[View source](scenarios/ctf/all_moin.xml)
## analyse_this.xml
### Details
| Key | Data |
| --- | --- |
|Name | Putting it together |
|Description | Analyse the files on the server from kali.</br> Username: analyse</br> Password: this!!!</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Forensics (F) | Artifact Analysis | Encoding and alternative data formats |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Network Security (NS) | OSI (OPEN SYSTEM INTERCONNECT) MODEL | APPLICATION LAYER; DATA LINK LAYER; NETWORK LAYER |
| Security Operations &amp; Incident Management (SOIM) | Monitor: Data Sources | PCAP; network traffic |
| Forensics (F) | Artifact Analysis | FILES; Hidden files |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/analyse_this.xml run```
[View source](scenarios/ctf/analyse_this.xml)
## banner_grab_and_run.xml
### Details
| Key | Data |
| --- | --- |
|Name | Banner Grab and Run For Your Life! |
|Description | The most merciful thing in the world, I think, is the inability of the human mind to correlate all its contents.</br> |
|Type | ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| desktop; secret_journal_server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Network Security (NS) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - FINGERPRINTING; PENETRATION TESTING - NETWORK MAPPING - NMAP |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - RECONNAISSANCE; PENETRATION TESTING - SOFTWARE TOOLS |
| Forensics (F) | Artifact Analysis | Encoding and alternative data formats |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/banner_grab_and_run.xml run```
[View source](scenarios/ctf/banner_grab_and_run.xml)
## brief_case.xml
### Details
| Key | Data |
| --- | --- |
|Name | A Brief Case (of murder) |
|Description | Single system CLI narrative-based CTF challenge.</br> The murder was solved quickly. It was a briefcase.</br> |
|Type | ctf; attack-ctf; web-hints |
|Author | Thomas Shaw |
|Linked videos| |
|VM names| target_server; attack_vm |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Real and effective identity; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Unix File Permissions; setuid/setgid |
| Web &amp; Mobile Security (WAM) | Fundamental Concepts and Approaches | authentication; cookies; passwords and alternatives; JAVASCRIPT / HYPERTEXT MARKUP LANGUAGE (HTML) / CASCADING STYLE SHEETS (CSS) / HYPERTEXT TRANSFER PROTOCOL (HTTP) COOKIES; Broken Access Control / Insecure Direct Object References |
| Web &amp; Mobile Security (WAM) | Server-Side Vulnerabilities and Mitigations | injection vulnerabilities; server-side misconfiguration and vulnerable components; CROSS-SITE SCRIPTING (XSS); COMMAND INJECTION; SQL-INJECTION |
| Software Security (SS) | Categories of Vulnerabilities | Web vulnerabilities / OWASP Top 10 |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/brief_case.xml run```
[View source](scenarios/ctf/brief_case.xml)
## container_escape.xml
### Details
| Key | Data |
| --- | --- |
|Name | Containers Escape |
|Description | An "escape room" -- you need to find a way into then escape to root a docker container and a chroot container. Hints: the flags are stored in /root/ on the two VMs but you first need to find your way in, and then escape confinement. Good luck!|
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| desktop; chroot_esc_server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | SANDBOX; Application-based access controls: user-based access controls insufficiently limit privileges |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Container-based sandboxes: chroot; Docker; Vulnerabilities and attacks on sandboxing misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Role of Operating Systems | isolation; CONTAINERS |
| Web &amp; Mobile Security (WAM) | Fundamental Concepts and Approaches | sandboxing |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - NETWORK MAPPING - RECONNAISSANCE; PENETRATION TESTING - ACTIVE PENETRATION |
| Network Security (NS) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - FINGERPRINTING; PENETRATION TESTING - NETWORK MAPPING - NMAP |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/container_escape.xml run```
[View source](scenarios/ctf/container_escape.xml)
## encoding_challenges.xml
### Details
| Key | Data |
| --- | --- |
|Name | Data Encoding and Hash Challenges |
|Description | Single system basic crypto CTF challenge.</br> Single user account with automatic root login to a desktop system.</br> Automatic installation of handy_cli_utilities, hash_tools, hashcat and john the ripper.</br> |
|Type | ctf; crypto-ctf |
|Author | Thomas Shaw |
|Linked videos| |
|VM names| system |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Cryptography (C) | Public-Key Cryptography | public-key encryption |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | Cryptography and authentication (hashes and attacks against authentication schemes / passwords) |
| Forensics (F) | Artifact Analysis | cryptographic hashing; Encoding and alternative data formats |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/encoding_challenges.xml run```
[View source](scenarios/ctf/encoding_challenges.xml)
## expert_reversing.xml
### Details
| Key | Data |
| --- | --- |
|Name | Expert Reversing |
|Description | Some advanced reverse engineering challenges.</br> |
|Type | ctf; reversing-ctf |
|Author | ["Thomas Shaw", "Z. Cliffe Schreuders"] |
|Linked videos| |
|VM names| analysis |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Malware Analysis | analysis techniques; STATIC ANALYSIS |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/expert_reversing.xml run```
[View source](scenarios/ctf/expert_reversing.xml)
## eyearesee.xml
### Details
| Key | Data |
| --- | --- |
|Name | Eyearesee |
|Description | Hack the server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS; BACKDOOR TROJANS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/eyearesee.xml run```
[View source](scenarios/ctf/eyearesee.xml)
## feeling_blu.xml
### Details
| Key | Data |
| --- | --- |
|Name | Feeling Blu |
|Description | Hack the web_server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; web_server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Web &amp; Mobile Security (WAM) | Fundamental Concepts and Approaches | authentication; passwords and alternatives |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | user authentication; BRUTEFORCE |
| Web &amp; Mobile Security (WAM) | Server-Side Vulnerabilities and Mitigations | server-side misconfiguration and vulnerable components; FILE UPLOAD VULNERABILITY |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | BRUTEFORCE |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/feeling_blu.xml run```
[View source](scenarios/ctf/feeling_blu.xml)
## ff_decode_me.xml
### Details
| Key | Data |
| --- | --- |
|Name | Decode Me |
|Description | Find the encoded messages and decode them.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | ["Z. Cliffe Schreuders", "Thomas Shaw"] |
|Linked videos| |
|VM names| attack_vm; decode_me |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Forensics (F) | Artifact Analysis | cryptographic hashing; Encoding and alternative data formats |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/ff_decode_me.xml run```
[View source](scenarios/ctf/ff_decode_me.xml)
## ff_hackme_corp.xml
### Details
| Key | Data |
| --- | --- |
|Name | Hackme Corp |
|Description | A bunch of servers for you to hack.</br></br>Log in to the attacker VM with user: root, password: toor. There are three servers for you to attack (same IP address range, ending in .3, .4, .5), and flags are often found in home directories (/home/, /root/). Beware of red herrings.</br></br>Happy hacking!</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; hackme_server; hackmetoo_server; hackmethree_server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Forensics (F) | Artifact Analysis | cryptographic hashing; Encoding and alternative data formats |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION; PENETRATION TESTING - NETWORK MAPPING - RECONNAISSANCE |
| Network Security (NS) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - FINGERPRINTING; PENETRATION TESTING - NETWORK MAPPING - NMAP |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | Elevated privileges |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/ff_hackme_corp.xml run```
[View source](scenarios/ctf/ff_hackme_corp.xml)
## ff_in_the_wild.xml
### Details
| Key | Data |
| --- | --- |
|Name | Flawed Fortress |
|Description | Hack the server. Find / decode the flags.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | ["Z. Cliffe Schreuders", "Thomas Shaw"] |
|Linked videos| |
|VM names| attack_vm; in_the_wild |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Forensics (F) | Artifact Analysis | cryptographic hashing; Encoding and alternative data formats |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION; PENETRATION TESTING - NETWORK MAPPING - RECONNAISSANCE |
| Network Security (NS) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - FINGERPRINTING; PENETRATION TESTING - NETWORK MAPPING - NMAP |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/ff_in_the_wild.xml run```
[View source](scenarios/ctf/ff_in_the_wild.xml)
## ff_leaked.xml
### Details
| Key | Data |
| --- | --- |
|Name | Time to Patch |
|Description | Hack the server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | user authentication |
| Network Security (NS) | PENETRATION TESTING | SECURE SHELL (SSH) |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/ff_leaked.xml run```
[View source](scenarios/ctf/ff_leaked.xml)
## ff_that_escalated_quickly.xml
### Details
| Key | Data |
| --- | --- |
|Name | Flawed Fortress |
|Description | Hack the server. Aim for root. Find the flags.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | ["Z. Cliffe Schreuders", "Thomas Shaw"] |
|Linked videos| |
|VM names| attack_vm; that_escalated_quickly |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | Elevated privileges |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/ff_that_escalated_quickly.xml run```
[View source](scenarios/ctf/ff_that_escalated_quickly.xml)
## flawed_fortress.xml
### Details
| Key | Data |
| --- | --- |
|Name | Flawed Fortress |
|Description | A three-VM, full-day intermediate CTF with a range of challenges of varying difficulty.</br> The three VMs are not related to each other.</br> We have used this to host events with university students.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | ["Z. Cliffe Schreuders", "Thomas Shaw"] |
|Linked videos| |
|VM names| attack_vm; decode_me; in_the_wild; that_escalated_quickly |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Forensics (F) | Artifact Analysis | cryptographic hashing; Encoding and alternative data formats |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | Elevated privileges |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/flawed_fortress.xml run```
[View source](scenarios/ctf/flawed_fortress.xml)
## hackme_crackme.xml
### Details
| Key | Data |
| --- | --- |
|Name | Hackme and Crack Me |
|Description | Hack then crack, then use those creds to ssh to second_server for flags.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| hack_and_crack_me_server; second_server; kali_cracker |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | BRUTEFORCE |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | Vulnerabilities and attacks on access control misconfigurations |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/hackme_crackme.xml run```
[View source](scenarios/ctf/hackme_crackme.xml)
## immersing_reversing.xml
### Details
| Key | Data |
| --- | --- |
|Name | Immersing Reversing |
|Description | Some harder reverse engineering challenges.</br> |
|Type | ctf; reversing-ctf |
|Author | ["Thomas Shaw", "Z. Cliffe Schreuders"] |
|Linked videos| |
|VM names| metactf |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Malware Analysis | analysis techniques; analysis environments; STATIC ANALYSIS |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/immersing_reversing.xml run```
[View source](scenarios/ctf/immersing_reversing.xml)
## nosferatu.xml
### Details
| Key | Data |
| --- | --- |
|Name | Nosferatu |
|Description | Hack the server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Web &amp; Mobile Security (WAM) | Server-Side Vulnerabilities and Mitigations | server-side misconfiguration and vulnerable components; Directory traversal |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS; DIRECTORY TRAVERSAL |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION; PENETRATION TESTING - NETWORK MAPPING - RECONNAISSANCE |
| Network Security (NS) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - FINGERPRINTING; PENETRATION TESTING - NETWORK MAPPING - NMAP |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUID |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/nosferatu.xml run```
[View source](scenarios/ctf/nosferatu.xml)
## nw_cyber_games.xml
### Details
| Key | Data |
| --- | --- |
|Name | Decoding |
|Description | Some basic decoding challenges.</br> The challenges are presented on a website on one of these VMs, separate from the CTF scoring.</br> |
|Type | ctf; jeopardy-ctf; web-hints |
|Author | Thomas Shaw |
|Linked videos| |
|VM names| nw_cyber_games |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | Cryptography and authentication (hashes and attacks against authentication schemes / passwords) |
| Forensics (F) | Artifact Analysis | cryptographic hashing; Encoding and alternative data formats |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/nw_cyber_games.xml run```
[View source](scenarios/ctf/nw_cyber_games.xml)
## post_it.xml
### Details
| Key | Data |
| --- | --- |
|Name | Post-it note-xploitation |
|Description | Hack and escalate.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| windows_server; linux_server; kali |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | Post-exploitation: pivoting attacks; information gathering |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | BRUTEFORCE |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/post_it.xml run```
[View source](scenarios/ctf/post_it.xml)
## ptsd.xml
### Details
| Key | Data |
| --- | --- |
|Name | PTSD: Shell Shocked |
|Description | Hack the server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/ptsd.xml run```
[View source](scenarios/ctf/ptsd.xml)
## putting_it_together.xml
### Details
| Key | Data |
| --- | --- |
|Name | Putting it together |
|Description | Hack the server from kali. Search the server for leaked information that will help you log in and then escalate from there.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Network Security (NS) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - FINGERPRINTING; PENETRATION TESTING - NETWORK MAPPING - NMAP; SECURE SHELL (SSH) |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - NETWORK MAPPING - RECONNAISSANCE; PENETRATION TESTING - SOFTWARE TOOLS |
| Forensics (F) | Artifact Analysis | Encoding and alternative data formats |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/putting_it_together.xml run```
[View source](scenarios/ctf/putting_it_together.xml)
## rand_webapp.xml
### Details
| Key | Data |
| --- | --- |
|Name | Vulnerable webapp |
|Description | A web server with a (randomly) vulnerable webapp |
|Type | ctf; attack-ctf |
|Author | Joshua Hickling |
|Linked videos| |
|VM names| web_server; kali |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Web &amp; Mobile Security (WAM) | Fundamental Concepts and Approaches | Broken Access Control / Insecure Direct Object References |
| Web &amp; Mobile Security (WAM) | Server-Side Vulnerabilities and Mitigations | injection vulnerabilities; server-side misconfiguration and vulnerable components; CROSS-SITE SCRIPTING (XSS); SQL-INJECTION |
| Software Security (SS) | Categories of Vulnerabilities | Web vulnerabilities / OWASP Top 10 |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - ACTIVE PENETRATION |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/rand_webapp.xml run```
[View source](scenarios/ctf/rand_webapp.xml)
## rand_webapp_adv.xml
### Details
| Key | Data |
| --- | --- |
|Name | Vulnerable webapp |
|Description | A web server with a (randomly) vulnerable webapp |
|Type | ctf; attack-ctf |
|Author | Joshua Hickling |
|Linked videos| |
|VM names| web_server; kali |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Web &amp; Mobile Security (WAM) | Fundamental Concepts and Approaches | Broken Access Control / Insecure Direct Object References |
| Web &amp; Mobile Security (WAM) | Server-Side Vulnerabilities and Mitigations | injection vulnerabilities; server-side misconfiguration and vulnerable components; CROSS-SITE SCRIPTING (XSS); SQL-INJECTION |
| Software Security (SS) | Categories of Vulnerabilities | Web vulnerabilities / OWASP Top 10 |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - ACTIVE PENETRATION |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/rand_webapp_adv.xml run```
[View source](scenarios/ctf/rand_webapp_adv.xml)
## rehearsing_reversing.xml
### Details
| Key | Data |
| --- | --- |
|Name | Rehearsing Reversing |
|Description | Some reverse engineering challenges.</br> |
|Type | ctf; reversing-ctf |
|Author | ["Thomas Shaw", "Z. Cliffe Schreuders"] |
|Linked videos| |
|VM names| metactf |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Malware Analysis | analysis techniques; analysis environments; STATIC ANALYSIS |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/rehearsing_reversing.xml run```
[View source](scenarios/ctf/rehearsing_reversing.xml)
## rooting_for_a_win.xml
### Details
| Key | Data |
| --- | --- |
|Name | Rooting for a win |
|Description | Hack the server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS; BACKDOOR TROJANS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Network Security (NS) | PENETRATION TESTING | FILE - TRANSFER PROTOCOL (FTP) |
| Forensics (F) | Artifact Analysis | Encoding and alternative data formats |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/rooting_for_a_win.xml run```
[View source](scenarios/ctf/rooting_for_a_win.xml)
## rooting_for_a_win_user.xml
### Details
| Key | Data |
| --- | --- |
|Name | Rooting for a win2 |
|Description | Hack the server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS; BACKDOOR TROJANS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Network Security (NS) | PENETRATION TESTING | FILE - TRANSFER PROTOCOL (FTP) |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/rooting_for_a_win_user.xml run```
[View source](scenarios/ctf/rooting_for_a_win_user.xml)
## smash_crack_grab_run.xml
### Details
| Key | Data |
| --- | --- |
|Name | Smash Crack Grab and Run |
|Description | Hack the server from kali. Involves a vulnerable service, and encrypted files.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/smash_crack_grab_run.xml run```
[View source](scenarios/ctf/smash_crack_grab_run.xml)
## such_a_git.xml
### Details
| Key | Data |
| --- | --- |
|Name | Such a git |
|Description | Hack the web_server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; web_server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | user authentication |
| Network Security (NS) | PENETRATION TESTING | SECURE SHELL (SSH) |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/such_a_git.xml run```
[View source](scenarios/ctf/such_a_git.xml)
## time_to_patch.xml
### Details
| Key | Data |
| --- | --- |
|Name | Time to Patch |
|Description | Hack the server from kali.</br> |
|Type | ctf; attack-ctf; pwn-ctf |
|Author | Z. Cliffe Schreuders |
|Linked videos| |
|VM names| attack_vm; server |
### CyBOK KAs, Topics, and Keywords
| KA | Topic | Keywords
| --- | --- | --- |
| Network Security (NS) | PENETRATION TESTING | FILE - TRANSFER PROTOCOL (FTP) |
| Web &amp; Mobile Security (WAM) | Server-Side Vulnerabilities and Mitigations | server-side misconfiguration and vulnerable components; Directory traversal |
| Malware &amp; Attack Technology (MAT) | Attacks and exploitation | EXPLOITATION; EXPLOITATION FRAMEWORKS; DIRECTORY TRAVERSAL |
| Software Security (SS) | Categories of Vulnerabilities | CVEs and CWEs |
| Security Operations &amp; Incident Management (SOIM) | PENETRATION TESTING | PENETRATION TESTING - SOFTWARE TOOLS; PENETRATION TESTING - ACTIVE PENETRATION |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | user authentication |
| Network Security (NS) | PENETRATION TESTING | SECURE SHELL (SSH) |
| Authentication, Authorisation &amp; Accountability (AAA) | Authorisation | access control; Elevated privileges; Vulnerabilities and attacks on access control misconfigurations |
| Operating Systems &amp; Virtualisation (OSV) | Primitives for Isolation and Mediation | Access controls and operating systems; Linux security model; Attacks against SUDO |
| Adversarial Behaviours (AB) | Models | kill chains |
| Malware &amp; Attack Technology (MAT) | Malicious Activities by Malware | cyber kill chain |
| Cryptography (C) | Symmetric Cryptography | symmetric encryption and authentication |
| Authentication, Authorisation &amp; Accountability (AAA) | Authentication | BRUTEFORCE |
Command to build VMs and start scenario:
```ruby secgen.rb -s scenarios/ctf/time_to_patch.xml run```
[View source](scenarios/ctf/time_to_patch.xml)