To assist students with their preparation for the competition, we have made resources available below that covers the basics in Ethical Web Hacking, Network Forensics and Cryptography. We also strongly encourage students to look for more resources on the internet to further their abilities.
How do I get started with Ethical Web Hacking?
A good way to get introduced to the concept of ethical web hacking is to become familiar with the Burp Suite proxy tool and attempt web hacking challenges within the WebGoat platform. The following links below contain resources that introduce you to key concepts in web hacking, instructions for setting up WebGoat and Burp Suite along with some recommended challenges in WebGoat.
- Ethical Web Hacking Summary Slides
- Ethical Web Hacking Reference Manual with Recommended WebGoat Challenges
- Burp Suite Tool
- Introduction to Burp Suite YouTube Video
- WebGoat Framework
- If you are having difficulties solving the WebGoat challenges, we suggest you use the ‘Hints’ button above each problem for some extra guidance (or the ‘Solution’ button if you are really stuck).
How do I get started with Network Forensics?
To become more comfortable with network forensic problems, we suggest you get started by familiarising yourself with the WireShark tool to quickly search and filter out information from packet capture (PCAP) files. We have also provided a link to a website that introduces a few UNIX commands for filtering out information from log files, with a focus on web server logs.
- WireShark Tool
- WireShark Sample Packet Capture Files
- Introduction to WireShark Video
- Introduction to Basic Log Analysis Commands in Unix
- Sample HTTP Log File
How do I get started with Encoding and Cryptography?
There are a lot of resources on the internet about cryptography and character encoding, with examples and practice problems that you can work through. To get you started, we prepared a brief handout that introduces some basic concepts, along with some links to useful YouTube videos.