网络攻防赛,提升你的安全技术水平.pdf
《网络攻防赛,提升你的安全技术水平.pdf》由会员分享,可在线阅读,更多相关《网络攻防赛,提升你的安全技术水平.pdf(53页珍藏版)》请在三一文库上搜索。
1、Tel +41 55 214 41 60 Fax +41 55 214 41 61 teamcsnc.ch www.csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Ivan Btler ivan.buetlercompass- National Cyber Storm Competition HandsHands- -On Security ChallengesOn Security Challenges OWASP AppSec Beijing 2013 Compass Security AG Sli
2、de 2 www.csnc.ch My Name is Ivan Btler CEO Compass Security AG Switzerland Compass Security AG Slide 3 www.csnc.ch My Home, Switzerland Compass Security AG Slide 4 www.csnc.ch Compass Security AG Penetration Testing Forensic Analysis Compass Security AG Slide 5 www.csnc.ch Why am I here? Because we
3、run a Remote Security Lab in Switzerland. It is called HackingHacking- -LabLab Security Puzzles / Challenges / HandsSecurity Puzzles / Challenges / Hands- -OnOn Because OWASP is offering free Hacking- Lab OWASP TOP 10OWASP TOP 10 Web Security Challenges Because Hacking-Lab is being used for NATIONAL
4、 CYBER STORM COMPETITIONSNATIONAL CYBER STORM COMPETITIONS Tel +41 55 214 41 60 Fax +41 55 214 41 61 teamcsnc.ch www.csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona At the endAt the end: You should understand how to setup your own security lab security lab and how to use the fr
5、eefree OWASP challenges Compass Security AG Slide 7 www.csnc.ch A long time ago . I was looking for a young jedi knight 俗塵 - 絕地武士 CTF 2007 in Switzerland Compass Security AG Slide 8 www.csnc.ch 2009 Swiss Cyber Storm 2 Fist Swiss Cyber Talent Competition 瑞士的網絡天賦競爭 Compass Security AG Slide 9 www.csn
6、c.ch 2011 Swiss Cyber Storm 3 International CTF SCS3 in Switzerland Prize獎 = New CarNew Car新車 Compass Security AG Slide 10 www.csnc.ch 2013 - Swiss Cyber Storm 4 Compass Security AG Slide 11 www.csnc.ch Challenge Categories Web Security Malware / Trojan / Bugs Windows Security Apple Security Penetra
7、tion Testing Networking Forensics Reverse Engineering VoiP / SS7 / GSM Wireless Security Unix / Linux Security Crypto Challenges Programming Fun Challenge iPhone Challenge Android Challenge Tel +41 55 214 41 60 Fax +41 55 214 41 61 teamcsnc.ch www.csnc.ch Compass Security AG Werkstrasse 20 Postfach
8、2038 CH-8645 Jona What is Hacking-Lab? Compass Security AG Slide 13 www.csnc.ch What is Hacking-Lab? Compass Security AG Slide 14 www.csnc.ch Understanding Hacking-Lab 1)Registration 2)Challenge Details Solving the challenges(VPN) Send Solution Solution Grading Tel +41 55 214 41 60 Fax +41 55 214 41
9、 61 teamcsnc.ch www.csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona SQL Injection & XML External Entity Attack DemonstrationDemonstration Hacking-Lab Tel +41 55 214 41 60 Fax +41 55 214 41 61 teamcsnc.ch www.csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona
10、Details about Hacking-Lab Compass Security AG Slide 17 www.csnc.ch What is Hacking-Lab? (1) Vulnerable Servers and Applications (Web, Windows, Linux, iOS, Android) (2) Description about the security challenges (3) Tools required for solving the challenges (4) Teacher functions (accept/reject solutio
11、ns) solutions, solution movies Compass Security AG Slide 18 www.csnc.ch Details about Hacking-Lab (1/4) (1) Vulnerable Servers and Applications (Web, Windows, Linux, iOS, Android) (2) Description about the security challenges (3) Tools required for solving the challenges (4) Teacher function (accept
12、/reject solutions) Compass Security AG Slide 19 www.csnc.ch Details about Hacking-Lab Vulnerable ServersServers Remote Security Lab Vulnerable MobileMobile Apps Automatic Revert to Snapshot Automatic Revert to Snapshot Tel +41 55 214 41 60 Fax +41 55 214 41 61 teamcsnc.ch www.csnc.ch Compass Securit
13、y AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Movie 1: Vulnerable Servers (ESXi) Compass Security AG Slide 21 www.csnc.ch Vulnerable Servers (ESX Virtualization) Compass Security AG Slide 22 www.csnc.ch Vulnerable Servers (ESX Virtualization) Vulnerable Servers * SIP Gateway * IIS * Web Security *
14、Fuzzing Challenge * Pyhton Challenge * Mimikatz * Shell of the Future * License Challenge * Nessus Scanning Compass Security AG Slide 23 www.csnc.ch Vulnerable Servers (ESX Virtualization) Vulnerable Servers * Splung Engine * Java Script Arena * Web Goat * Struts Challenge * Buffer Overflow * HTML5
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 网络 攻防 提升 安全 技术水平
链接地址:https://www.31doc.com/p-3335015.html