git ready: Information Security

In this installment of git ready I set out to become the worlds best ethical hacker. Unfortunately I didn’t achieve this goal. However, I did come away with a huge respect for the information security sector as well as a want to become part of it.

My main approach to improving my security skills was to participate in as many capture the flags as I could. A capture the flag is a series of challenges that you must retrieve the flag from in order to mark it as complete. If you want to read the solutions to the CTFs I came up with check out my repo here

The first CTF I worked through was PicoCTF. Pico taught me the basics of how to approach these challenges as well as giving me a solid foundation in the most basic exploits. One of the more interesting attacks I learnt about was the format string attack which is as simple as placing a ‘%x’ in a string which causes the c program to read from the stack.

The second CTF I took part in was IceCTF. This CTF was actually live when I took part in it which made it particularly interesting. This CTF mostly helped me get a real grip on the toolkit that you need to use in order to be an excellent ethical hacker.

Since completing these CTFs I have actually been accepted to go to ‘init.g’ which is an information security workshop and CTF run by Google in London. I am really excited to put what I have learnt this month into practice and hopefully I can impress some people at Google.

Unfortunately I didn’t get to spend as much time as I would have hoped on my project this month. I spent most of this month completing and intensive three week group project for University. I found it hard to take time out of my project as we always had a huge backlog of work to get through so putting any of it off would have had an impact on how much we could have completed. Hopefully this month I will be able to allocate more time to my project as I really do enjoy them.

This month my plan is to do a basic project but brining lots technology I am new to together. The aim is to get to grips with the stack I plan on using for my Honours project so that I can hit the ground running when it comes to it. This months project will be a simple todo list. However, this todo list will hopefully have an accounts system as well as a way to share todo lists. I am also really keen to setup a CI pipe from the start.

If you have any tips for how to improve this blog drop me a message on LinkedIn or an email at gavin.henderson@hotmail.co.uk

Written on October 4, 2018