Capture The Flag

Questions about our CTF? Contact us at: ctf@bsidescalgary.org

Who can participate in the CTF?

BSides Calgary 2021 CTF is open to all players of any skill level, with no qualification required. Come on by, try out the game, learn something new, and meet interesting people!

Due to possible limitations, BSides Calgary MAY need to limit the number of teams able to participate. We will attempt to accommodate all participants but registration will be on a first come, first serve basis.

About BSides Calgary CTF 2021

According to most internet definitions a cyber CTF is contest in which computer security professionals test their skills and knowledge against live computer systems and networks or digital artifacts like malware samples, packet captures and memory dumps. Points are scored when contestants solve the challenges, though unlike answering Jeopardy questions, contestants will need to use security testing tools and techniques to solve the challenges. BSides Calgary CTF has always taken things a little further, a number of the questions will require contestants to do hands-on hacking against a cyber range that mimics a typical organization.

All BSides attendees, speakers, vendors and volunteers are welcome to play at no charge. Connection to the contest will be via OpenVPN and players can use tools of their choice. Like all good contests there are some very nice prizes for the best scores at the end of the two days.


Updates for 2021

This time last year the small engineering company providing ICS system development and integration services that is modeled in the cyber range had just acquired a former customer. The process of merging networks and migrating users had just started, since that time founders Jane Woolcock and Sandra Smythe are now more aware of the complexities of merging technologies. They have tasked I.T and O.T leaders to explore third party service providers to assist with the workload, allowing their best and brightest to focus on some of the more complex integration issues and accelerate the R&D synergies promised to investors.

When I.T. service providers like Kaseya, Accenture and Cognizant publicly admit to falling victim to compromise the new normal must include considering third party interactions as yet another cyber attack vector. The CTF team put in an extensive amount of effort to add this context to the cyber range for this year in addition to more traditional targets.

The BSides Calgary CTF is a safe place to practice using security testing tools on live systems with permission. This year Bow Valley College has also sponsored a cloud based training class providing Kali Linux testing computers that can be accessed with a web browser, see Hacking 101 seminar times in the program.

The conceptual network diagram below would often be provided to potential customers when responding to questions related to vendor cyber security practices, or demonstrating progress on merger activities to non-technical audiences. Like actual network diagrams it bears only a modest similarity to what is actually on the wire.


And just one more thing

Certain targets may trigger codes in Twitter and the odd game inject, consider following @YYCBSidesCTFAlerts for the contest.