So, it’s been a while since we’ve done anything on SA. Honestly my new gig at HP/Fortify (Director of Pentesting) has kept me busy. I did get a chance to play the Mozilla CTF though with a few other HP/Fortify pentesters.
The competition was a worldwide CTF run by Mozilla. The Mozilla CTF (capture the flag) competition consisted of 22 progressively harder web application and binary assessment problems.
I’m happy to say out of 150 scoring teams (including other security outfits), the team we played with, epicfail, got 5th place. The guys we played with were top notch, all from the UCSB security group. With our powers combined we were Captain Planet.
The competition was well run, and i liked it because they made good web challenges, not generic stuff, but really hard/obscure web stuff. Its hard to find good web ctf’s! They also included the idea of chaining web exploits in their challenges. That was fun.
Hopefully i’ll get to posting some more content soon and I’ve poked James (and purposefully put him on the spot here) to write something up. Hope everyone had an awesome holiday season… here’s to hacking in 2012!!