Frequently Asked Questions (FAQs) about CyberEDU

CyberEDU is a special environment created for infosec enthusiasts to learn and put their skills to the test while competing for a place on the leaderboard. Some might call it a cybersecurity gym where infosec skills meet challenges and develop together.

CyberEDU came as a need of the market because there are many people just getting started in the cyber security field who want to develop and learn new skills and there are skilled hackers who want to be challenged and prove their abilities.

CyberEDU was initially developed and is permanently maintained by a team of volunteers from Cyber Security Research Center from Romania - CCSIR, a Non-Governmental Organisation that organises various cyber security awareness activities including DefCamp, the largest cyber security conference from Central and Eastern Europe.
The CyberEDU Educational Archive is going to be free. In order to keep all the services up and running for a long time we will count on companies and on people willing to donate and support our initiative.

Capture the Flag (CTF) is the specific computer security competition. This kind of contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the sort of attacks found in the real world. Reverse-engineering, network sniffing, protocol analysis, system administration, programming, and cryptanalysis are all skills which have been required in prior competitions.

There are two main styles of capture the flag competitions: attack/defense and jeopardy. In an attack/defense style competition, each team is given a machine (or small network) to defend on an isolated network. Teams are scored on both their success in defending their assigned machine and on their success in attacking other team’s machines. Depending on the nature of the particular CTF game, teams may either be attempting to take an opponent’s flag from their machine or teams may be attempting to plant their own flag on their opponent’s machine.

The jeopardy style is the most common for CTFs because it offers a list of tasks and teams/individuals can start working on each one right away. Usually the challenges are from different ranges of categories like web, forensics, crypto, etc.

In a CTF competition, a flag is usually an unique string introduced by the organisers in the challenge’s source code that, when discovered, will help you understand that you successfully solved the challenge. Most of the time, the flag has a standard flag format, for eg. DCTF{random string} but there are times when the flag is simply a random string.

Example of flags:

  • DCTF{677f42b2b8412b8f19f91990ec91b32e6ef750d9a91952efe561021f016c8688}
  • ECSC{THIS_IS_A_CORRECT_FLAG}
  • !CONGRaTS_Y0U_w0n!

You can expect to find challenges that were previously used in other competitions but in the future we plan to develop our own. Moreover, all of the challenges are grouped based on the difficulty (from Entry Level to Insane). Even more, challenges are divided by type so for instance you can choose to solve web related challenges when you want to sharpen your skills on web security and web exploitation, reverse engineering, forensics, network and traffic analysis, binary exploitation, cryptography, programming, mobile security and many more.

PS: Please keep in mind that the difficulty level was estimated by our staff and sometimes we might underestimate or overestimate difficulty based on our personal experience.

Since most of the challenges published were initially used in various international competitions, we decided to use the number of points the challenge had in those competitions. Sometimes, if the scoring used by the competition was not dynamic (starting high and decreasing based on the number of solvers), we also updated the scores in accordance to how the challenge performed in the competition.

Please keep in mind that sometimes a challenge which is classified as Easy in a “Final Phase” of a competition is much more difficult than a challenge with the same difficulty level/no. of points but in the “Qualification Phase” of the same competition.

When we added the challenges on CyberEDU, we updated most of the original flags. However, there are situations where this action would take too long, and we decided to keep the original flag. We strongly encourage you to solve the challenge by yourself, hence this is the only way to actually learn and why not remember what your mindset was a couple of years ago.

Some of the challenges cannot be published on CyberEDU since they might have some particular technicalities that make the transition to our infrastructure harder. For instance, it is quite impossible to make available a hardware challenge online.

The short answer is yes, we appreciate people who want to get involved in creating challenges. Please drop us a line with your request and let’s take it from there.

We’ve compiled a list of references to get you started.

Cryptography
  • https://class.coursera.org/crypto-preview
  • http://cryptopals.com/
  • A Graduate Course in Applied Cryptography – The book covers many constructions for different tasks in cryptography.
  • An Introduction to Mathematical Cryptography – Introduction to modern cryptography.
  • Crypto101 – Crypto 101 is an introductory course on cryptography.
  • Cryptography Engineering – Learn to build cryptographic protocols that work in the real world.
  • Handbook of Applied Cryptography – This book is intended as a reference for professional cryptographers.
  • Introduction to Modern Cryptography – Introductory-level treatment of cryptography written from a modern, computer science perspective.
  • OpenSSL Cookbook – The book about OpenSSL.
  • Practical Cryptography for Developers – Developer-friendly book on modern cryptography (hashes, MAC codes, symmetric and asymmetric ciphers, key exchange, elliptic curves, digital signatures) with lots of code examples.
  • Security Engineering – There is an extraordinary textbook written by Ross Anderson, professor of computer security at University of Cambridge.
  • Serious Cryptography – A Practical Introduction to Modern Encryption by Jean-Philippe Aumasson.
  • The Cryptoparty Handbook – This book provides a comprehensive guide to the various topics of the computer and internet security.
  • Understanding Cryptography – Often overlooked, this book is a boon for beginners to the field. It contains plenty of exercises at the end of each chapter, aimed at reinforcing concepts and cementing ideas.
Web application hacking
  • Hacker101 – Written by hackerone.
  • The Daily Swig – Web security digest – Written by PortSwigger.
  • Web Application Security Zone by Netsparker – Written by Netsparker.
  • Infosec Newbie – Written by Mark Robinson.
  • The Magic of Learning – Written by @bitvijays.
  • CTF Field Guide – Written by Trail of Bits.
  • The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws de Dafydd Stuttard
Reverse Engineering
  • Practical Malware Analysis de Michael Sikorski
  • The IDA Pro Book
  • Reverse Engineering for Beginners
  • Assembly Language for Intel-Based Computers (5th Edition)
  • Practical Reverse Engineering
  • Reversing: Secrets of Reverse Engineering
  • Practical Malware Analysis
  • Malware Analyst’s Cookbook
  • Gray Hat Hacking
  • The Art of Memory Forensics
  • Hacking: The Art of Exploitation
  • Fuzzing for Software Security
  • Art of Software Security Assessment
  • The Antivirus Hacker’s Handbook
  • The Rootkit Arsenal
  • Windows Internals Part 1 Part 2
  • Inside Windows Debugging
  • iOS Reverse Engineering
  • The Shellcoders Handbook
  • A Guide to Kernel Exploitation
  • Agner’s software optimization resources
Exploitation
  • Gray Hat Hacking The Ethical Hacker’s Handbook, Fourth Edition de Daniel Regalado
  • Hacking: The Art of Exploitation, 2nd Edition de Jon Erickson
  • Hacking – The art of exploitation
  • A bug Hunter’s Diary: A Guided Tour Through the Wilds of Software Security
  • The Shellcoder’s Handbook: Discovering and Exploiting Security Holes
  • Sockets, shellcode, Porting, and coding: reverse engineering Exploits and Tool coding for security professionals
  • Writing Security tools and Exploits
  • Buffer overflow attacks: Detect, exploit, Prevent
  • Metasploit toolkit for Penetration Testing, exploit Development, and vulnerability research
  • https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
  • https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/
  • https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/
  • https://www.corelan.be/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/
  • https://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/
  • https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/
  • https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/
  • https://www.corelan.be/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/
  • https://www.corelan.be/index.php/2010/01/09/exploit-writing-tutorial-part-8-win32-egg-hunting/
  • https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
  • https://www.corelan.be/index.php/2010/06/16/exploit-writing-tutorial-part-10-chaining-dep-with-rop-the-rubikstm-cube/
  • https://www.corelan.be/index.php/2011/12/31/exploit-writing-tutorial-part-11-heap-spraying-demystified/
  • https://www.corelan.be/index.php/2010/01/26/starting-to-write-immunity-debugger-pycommands-my-cheatsheet/
  • https://www.corelan.be/index.php/2010/03/22/ken-ward-zipper-exploit-write-up-on-abysssec-com/
  • https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/
  • https://www.corelan.be/index.php/2011/01/30/hack-notes-rop-retnoffset-and-impact-on-stack-setup/
  • https://www.corelan.be/index.php/2011/05/12/hack-notes-ropping-eggs-for-breakfast/
  • https://www.corelan.be/index.php/2011/07/03/universal-depaslr-bypass-with-msvcr71-dll-and-mona-py/
  • https://www.corelan.be/index.php/2011/11/18/wow64-egghunter/
  • https://www.corelan.be/index.php/2012/02/29/debugging-fun-putting-a-process-to-sleep/
  • https://www.corelan.be/index.php/2012/12/31/jingle-bofs-jingle-rops-sploiting-all-the-things-with-mona-v2/
  • https://www.corelan.be/index.php/2013/02/26/root-cause-analysis-memory-corruption-vulnerabilities/
  • https://www.corelan.be/index.php/2013/01/18/heap-layout-visualization-with-mona-py-and-windbg/
  • https://www.corelan.be/index.php/2013/02/19/deps-precise-heap-spray-on-firefox-and-ie10/
  • https://www.corelan.be/index.php/2013/07/02/root-cause-analysis-integer-overflows/
Other classes
  • http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lectures.html
  • https://github.com/isislab/Hack-Night
  • http://www.opensecuritytraining.info/Exploits1.html
  • http://ocw.cs.pub.ro/courses/cns