Resources

Recommended Setup

We recommend you set up a Kali linux virtual machine to do CTF challenges in as kali has most of the tools you will need already installed. To set this up follow these steps:

1. Download and install VirtualBox
2. Download the Kali Linux OVA
   • Torrenting this may speed up your download; to download a torrent you need a bittorrent client. Qbittorrent or Transmission are good free bittorrent clients.
3. Open VirtualBox
4. Press the “import” button in the top bar
5. In the popup select the downloaded Kali Linux OVA file
6. Press continue and agree to the terms
7. Press start to launch your VM
   • The default login credentials are username: kali password: kali

Presentations

Presentations 2022

No	Topic	Date	Files
	SQLi + Command Injection	01/03/23	pdf
14	Linux	15/02/23	pdf
10	Steganography	30/11/22	pdf
8	Cross-Site Scripting	16/11/22	pdf
4	Privilege Escalation	19/10/22	pdf
3	Command Injection	12/10/22	pdf
1	Welcome session	28/09/22	pdf

Presentations 2021

No	Topic	Date	Files
14	Big Hak Preppers	16/03/22	pdf
13	Reverse engineering + Cracking	02/03/22	pdf demo files
12	Wireless Attacks	16/02/22	pdf
11	Binary Exploitation	09/02/22	pdf demo files
10	Log4Shell	02/02/22	pdf
9	Memory Forensics	01/12/21	pdf
8	CTF things	17/11/21	pdf
7	Digital forensics	10/11/21	pdf
6	LFI + SSTI + SSRF + Prototype pollution	03/11/21	pdf
5	Password authentication and best practices	27/10/21	pdf
4	Linux essentials + PrivEsc	20/10/21	pdf
3	SQLi + XSS	13/10/21	pdf
2	Kali Setup + Command Injection	06/10/21	pdf
1	OSINT + Crypto	29/09/21	pdf

Presentations 2020

No	Topic	Date	Youtube
6	Binary	N/A	YouTube
5	Web Apps	N/A	YouTube
4	Wireshark	N/A	YouTube
3	OSINT	07/10/20	YouTube
2	CTF Setup	14/10/20	YouTube
1	Introduction to reverse engineering	21/10/20	YouTube

Presentations 2019

Topic	Date	Powerpoint	Pdf
Fresher’s session	25/09/19	pptx	pdf
Web exploitation	02/10/19	pptx	pdf
Networking and Forensics	09/10/19	pptx	pdf
Reverse Engineering	16/10/19	pptx	pdf
CTF Fundamentals	23/10/19	pptx	pdf

Learning resources

Description	Link
Gamified learning platform	Immersive Labs
Cyber security MOOCs	Cybrary
Web security training with burp suite	WSA by PortSwigger
Intro to security	Cyber Aces by SANS
Game related hacking (Req: knowledge of C/C++)	GuidedHacking
InfoSec livestreams list	InfoSecstreams
Exploit cheat sheet	HackTricks

InfoSec youtubers

• John Hammond (InfoSec news and tutorials)
• LiveOverflow (how to think in cyber sec)
• PwnFunction (vulnerability explanations)
• The Cyber Mentor (pen testing techniques)
• IppSec (HTB walkthroughs)
• Seytonic (cyber security news)

Vulnerable boxes / CTFs

Description	Link
Security related wargames	Over The Wire
Educational VMs and CTFs	Try Hack Me
Download vulnerable VMs	Vuln Hub
Vulnerable VMs hosted online	Hack The Box
CTF calendar	CTF Time
CTFs by NYU	CSAW CTF
CTFs - Qualifiers for Defcon ctfs	Defcon CTFs
Cryptography challenges	Cryptopals
RE challenges	IO Wargame
RE challenges by FireEye	FlareOn CTFs

Other Fun Tools

Category	Description	Tools
Networks	A network packet sniffer/analyser	Wireshark
Debugger	x86 debugger	OllyDbg
Reverse Engineering	NSA RE tool .text fix	Ghidra
Disassembler	X	IDApro (Freeware)
Disassembler	X	IDApro (Evaluation)
Decompiler	Java decompiler	JD-GUI
Decompiler	python decompiler	Uncompyle2
Web App	Web pen testing framework	Burp Suite
AutoRecon	Automatically scan services with an array of pentesting tools	AutoRecon