CAPTURE THE FLAG - BATTLE OF THE SOCS SOUTH AFRICA

Playground is F-Secure’s global on-demand platform for hands-on cyber security training and capture the flag challenges. In this session, your team can test your security skills in lifelike scenarios and think like attackers would.

What to expect:

Four hours of fast-paced fun, with the added benefit of learning between peers and via other skilled competitors.

Challenges on the day:

• Test your application security skills by using SQL injection points, and running arbitrary command executions to find holes in our staged retail app.
• With access to a small Active Directory network; you must escalate from an insecure third-party web application, through an Active Directory network up to Domain Admin.
• Exploit different misconfigurations to take over a GitLab CI pipeline, extract secrets from runners, and eventually gain admin access to a web server.

Prerequisites to attend:

• You need to compete in a team of 4 - 8 members.
• This event requires intermediate to advanced hands-on hacking and pen testing experience. Prepare to be challenged!
• Each participant is required to register individually. Once we have provided you with access to Playground, you will be able to group into your teams.

What do I need to prepare beforehand? 

• One week prior to the event, you will get an access key to register an account on Playground. 
  
• After registering your account, you need to spin up a sandbox to test access it.
  

How do I access the sandboxes? 

During the event, you’ll be able to spin up a sandbox containing the challenges. 

There are two methods of access: 

• Remote Desktop Gateway: You only need a modern web browser (Chrome, Firefox, Safari). 
• VPN: You’ll need an OpenVPN client and a virtual machine with common hacking tools such as Kali Linux. 

Note: You need to test access beforehand, as corporate proxies and networking restrictions can prevent you from accessing our sandboxes.