This repository was created with the aim of build an hub that contains all the write-ups related to the cyber security challenges and CTFs.
All the material was developed for the 'Security' (first and second part) Ca' Foscari University master's degree course in 'Software Dependability and Cyber Security' (2018/2019).
This theoretical and practical (laboratory) course teached me techniques that, if used on real systems and applications, might constitute an illegal act. I've studied these techniques with the unique purpose of understanding how to program secure applications and how to prevent possible attacks on the software developed.
Every challenges was designed to get used and to put into practice in 'real' world situations some new cybersecurity concepts/technologies as reported in the following list.
- Alienquiz: Python, RegEx;
- Overshade: GDB debugger, Buffer/Stack overflow attacks, Encryption;
- Starcalc: GDB debugger, Stack overflow attacks, Format string attacks;
- OTPizza: Firewalls, Access control, Identification;
- RMB: Server-side web attacks, Blind SQL injection;
- Obxssession: Client-side web attacks , XSS (Cross-site scripting);
- Crackme: GDB debugge, IDA disassembler, Reverse engineering;
- Flagshop: Server-side web attacks, PHP vulnerabilities;
The material is available under the Apache 2.0.