Last Class Wrap-Up
Thanks for a great class! We hope you enjoyed learning about CTFs!
Let’s look at all the things you’ve learned:
General
- CTF culture
- Python skills
- Bash skills
- Communicating with servers
Cryptography
- Hash functions
- Dictionary attacks
- XOR
- One-time pad
- Block ciphers
- Modular arithmetic
- Diffie-Hellman
- Chinese Remainder Theorem
- Discrete log
- Pohlig-Hellman
- Euler’s totient
- GCD
- Modular inverse
- RSA
Web
- HTTP requests
- GET vs. POST
- Headers
- Cookies
- Using curl to make HTTP requests
- Scripting HTTP requests using Python requests library
- SQL
- SQL injection
- Cross-site request forgery
Binary
- C
- Pointer arithmetic
- Memory (stack & heap)
- Assembly
- Compiling (nasm & ld)
- Reverse engineering
- Radare2
- Analyzing binaries and functions with rabin2
- Binary exploitation
- Buffer overflows
- Writing and using shellcode
- Return oriented programming (ROP)
- Automating exploit development with pwntools
- Debugging payloads with rarun2
Forensics
- Image representation
- Least-significant bit steganography
- Using various tools to detect steganography
- Computer networking
- Networking protocols
- Analyzing network traffic with Wireshark
- Memory dump analysis with Volatility
Things we did not cover
- Elliptic curve cryptography
- Format string vulnerabilities
- Heap vulnerabilities
- Scripting with radare
- Burp Suite
- PHP vulnerabilities
- Template injection
- File upload attacks
- Cross-site scripting
- XML external entity attacks
- Audio file analysis