Explore the journey from Capture The Flag (CTF) competitions to Common Vulnerabilities and Exposures (CVE) discovery in this 56-minute conference talk by Joe Gray at LevelUp 0x03. Gain insights into applying CTF concepts to real-world scenarios, learn about the responsible disclosure process, and understand how persistence led to a vulnerability disclosure. Discover various types of CTFs, where to find them, and their commonalities. Examine the limitations of CTFs and how to bridge the gap between these competitions and practical security research. Follow along as Gray shares his experience uncovering vulnerabilities in a wireless router, highlighting the importance of continuous learning and skill application in cybersecurity.
Overview
Syllabus
Intro
Who am I
Objectives
Quick definitions
Types of CTF
Where to find CTF
Common CTF commonalities
Specialized CTFs
Kali
Not being realistic
Too vulnerable
gimmicky game
bug bounties
open CTFs
security research
security team
OSWP
How to secure a router
Setup
Password Change
Login
What do we do
DLink
Vulnerability disclosure
Learning the process
DEFCON 404
Cert
Full Disclosure
Not all CTS are garbage
Hacking Glasses
Future Speaking engagements
Questions
Next logical step
Taught by
Bugcrowd
