Possible to add a CTF

[sam-aldis]

IDEA

---

Wandering if we could add a CTF for both the mobile and other tracks. Maybe a final challenge between Mobile, AI, Desktop etc. could be interesting and bring everyone together as one team?

Also maybe have the OWASP Breakers vs Defenders?

just an idea.

[tashjnorris]

@sam-aldis are you offering to run the CTF? I think this is a super idea so long as we can identify someone to own this.

[sam-aldis]

@tashnorrispbx I am happy to, if I can get enough backing and interest!

[sam-aldis]

@tashnorrispbx would like to enquire about sponsorship if I run this but I could have everything set up and ready as I want to run one within my own area. I would require a little bit of support with equiptment but only perhaps 2 machines and will create a VM to run on both. Perhaps scheduled for the last day? Is there anyone else I should be talking to?

[bkimminich]

@sam-aldis, best create a session page for the CTF and submit a PR. People can then add themselves to the session as participants to indicate interest.

Btw, if you don't find sponsors for VMs or prizes, you could still make it a just-for-fun-CTF - for example with https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/content/part1/ctf.html ... only requires one machine with the score server - the rest can run on every participants own laptops!

[bkimminich]

@sam-aldis I'm closing this one because it's up to you to decide if you want to create a session for a CTF. Unless you already dropped the idea maybe look for co-hosts on Slack. Also if you want to make a simple Juice Shop CTF, just let me know - we could set that up even on short notice during the event and could just let it run all 5 days even. I just wouldn't want to be the main host for this as I'm focusing on content creation and planned working/user sessions.

[sam-aldis]

@bkimminich really sorry for the lack of getting onto git hub in the last few days.. life got in the way. Unfortunately I can't attend the event as I missed the date to apply for the owasp grant (again life) but I would be more than happy to get a setup that can be sent in for someone else if you could possibly ask if anyone can co-host on the site? I've already made a recent request on the OWASP leaders mailing list that's getting a lot of feedback so if you have a group you could really quickly push it out to?

[bkimminich]

No problem, I think the summit will be fine without a CTF, so I won't push one into it. If someone on site wants to set one up with Juice Shop they can just contact me directly.

[sam-aldis]

No problem, i may have an idea for something that could still be interesting but i will let you know and would distribute directly from the breakers repo on docker

Sent from my Windows 10 device

From: Björn Kimminich Sent: 02 June 2019 02:02 To: OpenSecuritySummit/oss2019 Cc: UKJP; Mention Subject: Re: [OpenSecuritySummit/oss2019] Possible to add a CTF (#124)

No problem, I think the summit will be fine without a CTF, so I won't push one into it. If someone on site wants to set one up with Juice Shop they can just contact me directly. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.