Stepping into the world of Information Security

Two months back, I had the opportunity to take part in the Secure Capture The Flag(sCTF) contest conducted at Amrita University, Amritapuri by Team bi0s(organizers of India Capture the Flag and one of the only teams from India that have done well in the international CTFs), as a part of the SecurIT (Security of Internet of Things) Conference. That got me interested in CTFs. The contest is named after the outdoor game wherein there are many flags hidden and each team’s objective is to capture the other team’s flags.

What interested me the most is that, in CTFs you get to deal with security issues in the real world. You have attacking, defending and then you need to score as well. This really does help in developing the habit of secure coding. In a CTF, you generally have a machines given to each team and they have to protect an isolated network. At the same time, they have to try to attack other teams’ network and capture the flags(this is might differ in various CTFs – it may even be required that you plant your flag in the  opponent’s machine. A CTF generally tests a team’s ability in various aspects of Information Security like cryptography and analysis, vulnerabilities in web , networking, forensics, reverse engineering, binary exploitation and many others.

Right now, I’ve started working in the area of binary exploitation. Binary exploitation is trying to find out vulnerabilities in code and trying to exploit them. Now the slightly difficult part is that the code is not given to you. You have to disassemble the executable(binary) of that code and try to understand where the vulnerability and for this you need to really good at assembly language. I’d like to become an expert in this field before I go to other areas. 🙂 I’ll be posting more about the two things that you need to know for binary exploitation.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s