Difference between revisions of "OWASP University Challenge"

From OWASP
Jump to: navigation, search
m
(Presentation)
 
(46 intermediate revisions by 4 users not shown)
Line 1: Line 1:
=What is=
+
=Main=
=How to get the UC at your conference=
+
 
==Requirement:==
+
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
- event is related to a conference
+
 
--> Remote
+
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
--> Local
+
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
==OWASP University Challenge ==
 +
 
 +
 
 +
The University Challenge is a competition among teams comprised of university students that will be held during the training days of the larger OWASP AppSec conferences (AppSec US, AppSec EU, …).
 +
 
 +
* There is no admission fee for the University Challenge – participation in the conference is possible for free.
 +
 
 +
* During the University Challenge teams will solve mission style security challenges using the Hacking-Lab framework.
 +
 
 +
* The OWASP University Challenge could be limited to 8 teams, depending on available space and budget. Teams will consist of 4-8 students, with one team per university.
 +
 
 +
* All team openings are on a first come first serve basis. If multiple teams are received from the same university the second team will be put on a wait list.
 +
 
 +
* All team members must be registered. Registration for the University Challenge event is free.
 +
 
 +
* Food and beverages will be provided during the challenge and all participants will get an OWASP University Challenge t-shirt. Of course, the first three winning teams will get some small prizes (to be announced).
 +
 
 +
==Introduction==
 +
 
 +
The OWASP University Challenge is a one or two day mission style security challenge event during the AppSec conferences training days!
 +
University / Student teams can compete solving hack challenges and defending insecure applications.
 +
 
 +
==Attack-Defense System==
 +
[[File:Attack-Defense.png|left|Hacking-Lab]]The challenges are even more dynamic and realistic now. Instead of just solving different security challenges, teams carry out a virtual online battle against each other in an attack-defense based competition, also known as CTF system. If you are interested to learn more about the CTF system, you will find here more information: [http://www.hacking-lab-ctf.com CTF System]
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
== What is the OWASP UC? ==
 +
 
 +
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
 +
 
 +
== Information ==
 +
 
 +
The AppSec conference should take care of:
 +
*Venue / rooms during the conference training days
 +
*Feed the students
 +
*Local pr / announcements at local Universities
 +
 
 +
== Presentation ==
 +
 
 +
== Project Leader ==
 +
 
 +
[mailto:Ivan.buetler@owasp.org Ivan Buetler]
 +
 
 +
[mailto:Mateo.martinez@owasp.org Mateo Martinez]
 +
 
 +
 
 +
== Related Projects ==
 +
 
 +
[[OWASP Student Chapters Program]]
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;" |
 +
 
 +
== Quick Download ==
 +
 
 +
 
 +
 
 +
== News and Events ==
 +
 
 +
 
 +
== In Print ==
 +
 
 +
==Classifications==
 +
 
 +
  {| width="200" cellpadding="2"
 +
  |-
 +
  | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] 
 +
  |-
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
 +
  |}
 +
 
 +
|}
 +
 
 +
=Set Up=
 +
==Conference Organisation:==
 +
* Announcement
 +
* Room / Space for the University Challenge
 +
** Internet connection
 +
** Video projector (scoring/ranking)
 +
** Power and extensions
 +
* Outreach to the local Universities
 +
* Sponsor for winner prizes
 +
* Winner announcement during the main track / (before) end of the conference
 +
 
 +
==Outline:==
 +
During the two training days
 +
* challenges will be organized together with [https://www.hacking-lab.com Hacking-Lab]
 +
* Hardware (challenge server) come from [https://www.hacking-lab.com Hacking-Lab]
 +
* Hardware (wilreless routers) come form the Education Committee
 +
 
 +
==Expenses:==
 +
* Travel and lodging has to be organized and covered by the student teams themselves, the conference should feed the students
 +
 
 +
* Travel and lodging of the University Challenge project leader (running the challenge) is covered by the conference
 +
 
 +
* It is recommended to give the University Challenge teams free entrance to the conference
 +
 
 +
==Prices:==
 +
We could need the conference organization team to help finding sponsors for the prices.
  
 
=University Challenge Events=
 
=University Challenge Events=
==Upcoming events:==
 
 
==Previous events:==
 
==Previous events:==
 +
*[https://www.hacking-lab.com/references/AppSec_EU_2016_Rome/ AppSec EU 2016 Rome]
 +
*[https://www.hacking-lab.com/references/AppSec_EU_2015_Amsterdam/ AppSec EU 2015 Amsterdam]
 +
*[https://www.hacking-lab.com/references/AppSec_EU_2014_Cambridge/ AppSec EU 2014 Cambridge]
 +
*[https://www.hacking-lab.com/references/AppSec-EU-2013-University-Challenges.pdf AppSec-EU 2013 Hamburg]
 +
*[https://www.hacking-lab.com/references/OWASP-AppSec-Athen-2012/ AppSec-EU 2012 Athens]
 +
*AppSec-US 2012 Austin
 +
*AppSec-US 2011 Minneapolis
 +
 
==Ticket winning" pre-conference challenges:==
 
==Ticket winning" pre-conference challenges:==
 
-> option for conference to offer free tickets via solving Hacking-Lab challenges  
 
-> option for conference to offer free tickets via solving Hacking-Lab challenges  
 
-> qualifying for UC? -> Team qualifying
 
-> qualifying for UC? -> Team qualifying
  
=Event Organisers=
+
=FAQs=
==responsibilities:==
+
 
Conference Organisation:
+
    Q1: When typically has the event run at AppSec, during the training days or during conference proper?
- Announcement
+
    A1: The UC is normally hosted during the training days
- event room
+
 
--> internet connection required
+
    Q2: What size of room or seating capacity has typically been used?
- outreach to the local Universities
+
    A2: Depending to the PR and number of teams (teams have a max of 8 members)
- sponsor for winner prizes
+
 
- winner announcement during the main track / (before) end of the conference
+
    Q3: What prizes are usually awarded?
 +
    A3: depends, if the conference manages to find sponsors there are prices. At the AppSec-Eu 2013, there where no prices, only the honor of winning
 +
 
 +
    Q4: Do the teams  have free conference access?
 +
    A4: No, the teams have to organize travel and lodging themself. all we do is hosting the UC and feed them.
 +
    There are no entrance / attendance fees charged previously
 +
    The attendees usually get free access to the conference (because they travel from foreign countries too)
 +
 
 +
 
 +
= Acknowledgements =
 +
==Hacking-Lab==
 +
The University Challenge is run by the OWASP/Hacking-Lab project. Real knowledge derives from hands-on experience.
 +
 
 +
===About Hacking-Lab===
 +
[[File:Hacking-Lab.png|left|Hacking-Lab]]Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents.
 +
Furthermore, Hacking-Lab is providing the CTF and mission style challenges for the OWASP University Challenges and for the European Cyber Security Challenge. The Hacking-Lab also provides free OWASP TOP 10 online security labs. Hacking-Labs’ goal is to raise awareness towards increased education and ethics in information security through a series of cyber competitions that encompass forensics, cryptography, reverse-engineering, ethical hacking and defense.
 +
 
 +
 
 +
 
 +
Learn more about:
 +
* [https://www.hacking-lab.com Hacking-Lab]
 +
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
  
=Event Particioners=
+
= Road Map and Getting Involved =
*HOWTO sign up
+
* University Challenge 2017 @ AppSec EU in Belfast (Martin Knobloch)
*HOWTO prepare
 
  
 
=Project About=
 
=Project About=
{{:Projects/OWASP_University_Challenge}}  
+
{{:Projects/OWASP_University_Challenge}}  
  
[[Category:OWASP Project]]
+
__NOTOC__ <headertabs />
  
<!-- Don't remove this tags below -->
+
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
__NOTOC__
 
<headertabs/>
 

Latest revision as of 09:27, 7 July 2016

OWASP Project Header.jpg

OWASP University Challenge

The University Challenge is a competition among teams comprised of university students that will be held during the training days of the larger OWASP AppSec conferences (AppSec US, AppSec EU, …).

  • There is no admission fee for the University Challenge – participation in the conference is possible for free.
  • During the University Challenge teams will solve mission style security challenges using the Hacking-Lab framework.
  • The OWASP University Challenge could be limited to 8 teams, depending on available space and budget. Teams will consist of 4-8 students, with one team per university.
  • All team openings are on a first come first serve basis. If multiple teams are received from the same university the second team will be put on a wait list.
  • All team members must be registered. Registration for the University Challenge event is free.
  • Food and beverages will be provided during the challenge and all participants will get an OWASP University Challenge t-shirt. Of course, the first three winning teams will get some small prizes (to be announced).

Introduction

The OWASP University Challenge is a one or two day mission style security challenge event during the AppSec conferences training days! University / Student teams can compete solving hack challenges and defending insecure applications.

Attack-Defense System

Hacking-Lab
The challenges are even more dynamic and realistic now. Instead of just solving different security challenges, teams carry out a virtual online battle against each other in an attack-defense based competition, also known as CTF system. If you are interested to learn more about the CTF system, you will find here more information: CTF System


What is the OWASP UC?

Information

The AppSec conference should take care of:

  • Venue / rooms during the conference training days
  • Feed the students
  • Local pr / announcements at local Universities

Presentation

Project Leader

Ivan Buetler

Mateo Martinez


Related Projects

OWASP Student Chapters Program

Quick Download

News and Events

In Print

Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg

Conference Organisation:

  • Announcement
  • Room / Space for the University Challenge
    • Internet connection
    • Video projector (scoring/ranking)
    • Power and extensions
  • Outreach to the local Universities
  • Sponsor for winner prizes
  • Winner announcement during the main track / (before) end of the conference

Outline:

During the two training days

  • challenges will be organized together with Hacking-Lab
  • Hardware (challenge server) come from Hacking-Lab
  • Hardware (wilreless routers) come form the Education Committee

Expenses:

  • Travel and lodging has to be organized and covered by the student teams themselves, the conference should feed the students
  • Travel and lodging of the University Challenge project leader (running the challenge) is covered by the conference
  • It is recommended to give the University Challenge teams free entrance to the conference

Prices:

We could need the conference organization team to help finding sponsors for the prices.

Previous events:

Ticket winning" pre-conference challenges:

-> option for conference to offer free tickets via solving Hacking-Lab challenges -> qualifying for UC? -> Team qualifying

   Q1: When typically has the event run at AppSec, during the training days or during conference proper?
   A1: The UC is normally hosted during the training days
   Q2: What size of room or seating capacity has typically been used?
   A2: Depending to the PR and number of teams (teams have a max of 8 members)
   Q3: What prizes are usually awarded?
   A3: depends, if the conference manages to find sponsors there are prices. At the AppSec-Eu 2013, there where no prices, only the honor of winning
   Q4: Do the teams  have free conference access?
   A4: No, the teams have to organize travel and lodging themself. all we do is hosting the UC and feed them.
   There are no entrance / attendance fees charged previously
   The attendees usually get free access to the conference (because they travel from foreign countries too) 


Hacking-Lab

The University Challenge is run by the OWASP/Hacking-Lab project. Real knowledge derives from hands-on experience.

About Hacking-Lab

Hacking-Lab
Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents.

Furthermore, Hacking-Lab is providing the CTF and mission style challenges for the OWASP University Challenges and for the European Cyber Security Challenge. The Hacking-Lab also provides free OWASP TOP 10 online security labs. Hacking-Labs’ goal is to raise awareness towards increased education and ethics in information security through a series of cyber competitions that encompass forensics, cryptography, reverse-engineering, ethical hacking and defense.


Learn more about:

  • University Challenge 2017 @ AppSec EU in Belfast (Martin Knobloch)
PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP University Challenge (home page)
Purpose: As first time organized at the OWASP AppSec-US 2011 in Minneapolis, this project is to enable "attack & defend" challenges.

First, at OWASP AppSec conferences, later also to enable this outside AppSec conferences.

License: Creative Commons Attribution ShareAlike 3.0 License
who is working on this project?
Project Leader(s):
  • Ivan Buetler @
  • Mateo Martinez @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Ivan Buetler @ to contribute to this project
  • Contact Ivan Buetler @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases