Prior to this event, we sent out the following description of what the CTF Cluster is all about...
“Hackathon”, “Cyber Challenge”, “Code Fest”, “Red Team vs Blue Team”, “Black-hatting”, “Capture the Flag”
These are all words that are very familiar to people who have been involved in competitive computer gaming, coding and hacking but they are relatively new to the 'main stream' and have really come to the fore along with the rise of the cyber threat and need for everyone to become more cyber-savvy.
For the un-initiated, these words may also conjure up some scary images of rooms full of very knowledgeable computer geeks with lots of experience of hacking, able to use their computers with as much ease as kids seem to use computer game controllers, who could undoubtedly run rings around anyone who would not be considered an “expert”.
But... are you curious? Have you ever wondered:-
* What it's all about?
* What actually happens at one of these events?
* Just how much knowledge and/or experience do you need in order to take part?
* How much do you need to know to not look like a muppet? (after all, the gaming community are pretty famous for being brutal in their verbal haranguing of new people in their midst - ”nubes”).
* What is the point of doing a hackathon?
* Is it just a game or is there a hidden benefit to the 'gamification' of the hacker vs the SOC contest (or Red Team vs Blue Team)?
Or... have you been to these events and now you are looking for additional places where you can learn more about the tools and techniques, gain more knowledge and build your experience to be better at it?
If so, then welcome to The Cyber Wales Capture the Flag Cluster
This new cluster is designed to provide a welcoming environment for all abilities to come and learn about the techniques required for participating in CTFs, whether you are looking to just know more about how these competitions work, looking to enter your first event or are and experienced CTF participant, this new cluster is here to help.
Each month, attendees will experience samples of real CTF challenges including complete walk-throughs for the sample challenges and the ability to network and discuss topics of interest with other attendees.
The Cluster will also be 'Ground Zero' for a brand new Cyber Wales National Capture the Flag Competition which will run every year (starting now!) and the meetings will provide coaching and advice for members who want to take part.
This description piqued the interest of more than 80 people from all walks of life including CISOs, IT staff, Red Team Operators, Risk Consultants, Students and Faculty members from universities and colleges who all turned up to the launch of this new cluster.
The meeting ran in both North and South Wales simultaneously and people at Glyndwr University were connected via video and audio to people in the University of South Wales, allowing attendees to gain the maximum benefit from speakers at both locations.
After an introductory presentation there were demonstrations given of 4 key types of CTF challenge:-
* OSINT - a typical Level 1 social engineering challenge
* Forensics - a typical Level 1-2 PCAP analysis challenge (PCAP File)
* Offensive - a typical Level 1 web-site penetration challenge
* Knowledge - a typical Level 1 technical knowledge challenge
These were not interactive challenges, they were walk-throughs from a slide deck which can be downloaded here.
