2023 Spring Training Schedule
We will have several written/video-based remedial content sessions before we begin training for Spring 2023 (the timing will be prior to the start of Spring 2023 training).
For the spring 2023 program, we will continue to use the same weekly training format as before, and we will accept your suggestions to add a sharing and combination of questions to the training, and add more practical content in addition to theory.
Each week, I will also post an archived replay of a recent competition, or a self-practice session on a selected topic, which you are free to arrange according to your schedule. Of course, if there is a competition planned for the week, the competition topic review will be delayed/reduced/cancelled.
Remedial Content Session
In these tutorials, I will sync the written content to our wiki for use as an introduction to cybersecurity, currently selected content is
- What is cybersecurity and the hacker attitude.
- Installation and basic operation of Linux-based operating systems.
- Simple programming using the Python language, including math, networking and image processing.
- How to use Sagemath to perform mathematical operations.
- Network packet capture and analysis via Burp Suite or Fiddler.
- Understanding file structure and using a hex editor.
- Reverse executables such as ELF and PE via IDA or Ghidra.
- Basic content and exploitation of binary vulnerabilities.
- Creating containers with Docker and container management with K8S.
This content will be updated gradually in the form of written materials or video images and will not be available in offline training sessions.
Spring 2023 Program
In the spring 2023 program, we have two components: recruitment of new members and advanced training. After a semester of competition and training, everyone's cybersecurity level and ability have been improved, and I will focus on deepening learning in a certain direction in this semester.
I will not recruit too many new members in this semester, and the final recruitment will still be conducted through the competition, mainly for the freshmen of 2022, and the number of recruits will be mainly used to make up for the number of members who will graduate after this semester.
The number of recruits will be used to make up for the number of members who will graduate after this semester. The spring 2023 offline training and competition questions will be updated on this page.
| Topic | Category | Attachment | Date |
|---|---|---|---|
| Network Sniff: Introduction | Web | https://ithelp.ithome.com.tw/articles/10245117 https://ithelp.ithome.com.tw/articles/10245119 https://ithelp.ithome.com.tw/articles/10246315 https://ithelp.ithome.com.tw/articles/10246917 |
Feb. 26th, 2023 |
| Network Sniff: Multi-platform | Web | https://frida.re/docs/android/ | March. 5th, 2023 |
| Network Scan | Web | https://websec.readthedocs.io/zh/latest/index.html | March. 12th, 2023 |
| Ethereum and Solidity: Introduction | Blockchain | http://www.snowywar.top/?p=3848 | March. 25th, 2023 |
| Ethereum and Solidity: Practice | Blockchain | http://www.snowywar.top/?p=3848 | April. 2nd, 2023 |
| IoT Security | IoT | https://paper.seebug.org/2048/ | May. 7th, 2023 |
| PWN: Stack | PWN | https://ir0nstone.gitbook.io/notes/ | May. 14th, 2023 |
| PWN: Heap | PWN | https://ir0nstone.gitbook.io/notes/ | May. 14th, 2023 |
| PWN: Kernel | PWN | https://ir0nstone.gitbook.io/notes/ https://paper.seebug.org/2036/ |
May. 21st, 2023 |
| Real-World Security: Penetration | RW | https://www.ired.team/ | May. 28th, 2023 |
| Real-World Security: Malware | RW | https://www.ired.team/ | June. 4th, 2023 |
| Real-World Security: Summary | RW | https://www.ired.team/ | June. 11th, 2023 |
Summary
Contact me: liz33@mail.sustech.edu.cn
You can also send emails or communicate with Prof. Zhang. About the academic project and the COMPASS lab-related component, I will post later.