WebGoat CTF workshop presented at BSides Amsterdam 2017

by Nanne Baars

Summary: In the world of application security, a 'Capture the Flag' (CTF) event is a competition where contestants race to complete hacking challenges. A knowingly vulnerable server is set up, and teams try to hack the system as quickly as they can and 'grab the flag' first. In Part 1 of this session we introduce everyone to the world of CTF competitions, how to hack the server and complete the challenges, and some other skills. In Part 2, everyone will get their laptops out and compete in a real CTF competition. During the workshop we will also focus on some of the challenges to give more background information about the vulnerability at hand and show some mitigations.