Students of the Computer Science program of Inholland University and the Hague University of Technology visited ITsec for a security workshop 'Capture the Flag'.
On Friday afternoon, May 12th, sixteen students from the Inholland High School entered the ITsec building in Haarlem. In the context of their education they participated in the Security workshop of ITsec. This workshop is also called a pizza session. Under supervision of ITsec collegues, and of course enjoying pizza, the idea of pentesting is on the agenda. A “sandbox” has been created with a unpatched Windows 2003 server and a vulnerable web application.
Students can attack the Windows server during the first part of the workshop. In and around the server are hidden tokens that students can collect, but the real goal is, of course, take control of the server and capture the flag. The students took there time to put some load on the server. Everything what they could think of was fired on the server. After this, the next section, the web application, started. The vulnere web application is prepared with hidden tokens, nineteen to be exact. The tokens are hidden at both obvious and challenging locations. Many vulnerabilities can/need to be used to capture the tokens. The winner is the student who collected the most tokens.
On Tuesday, May 16, it was the turn of the students of the Hague University of Technology to challenge their skill set on the ‘sandbox’ environment. This time on site during a internship market. The students had some extra difficulty (read: challenge) this time. The workshop was time boxed to just 45 minutes. Luckily, that was not a problem for them!
ITsec provides practical security workshops and trainings. Theory and practice are exchanged in a fun and interactive way. ITsec uses open source applications for its trainings, but has also developed several own ‘labs’ and applications that support it. If desired, the training is can be fully adjusted to serve a specific purpose. Find out more about our trainings at https://www.itsec.nl/services/training