Thread subject: Security Override :: What challenge category did you most enjoy?

Posted by Override on 02/04/2014 14:47:24
#1

What challenge category did you most enjoy?
The answers to this poll will help us focus our efforts on expanding specific categories at this time. If you would like to see a new category please post a comment bellow. If there is a specif challenge in a category that you liked please post a comment and maybe leave some feed back if you can as to what aspect of the challenge made it more enjoyable for you. Also if you would just like to leave some feedback about a category it would be much appreciated as well.

Thank you in advanced to all that help with the poll and comments.

Posted by madsoft on 02/04/2014 14:58:59
#2

I'd go for realistic, even though I'm stuck at three at the moment :P
The closer to IRL the better (and more challenging I think). I wouldn't rule out the rest of the challenges, they're essential to grasping concepts and getting familiar with the diversity of possible attacks and counter measures.

Though I'm not even half way through the challenges, at the moment my vote goes to realistic.

Edited by madsoft on 02/04/2014 16:26:48

Posted by buglu on 02/04/2014 15:40:47
#3

I like realistic the most, because you will have to do multiple steps to end it. In that way I have more of a feeling im actually doing something.

I would love a more specific SQL/XSS category. because now there were only like 4 challanges, and 2 or 3 of them were easy. I didnt really have a feeling that I actually learned something like i had with "advanced".

So yeah it would be nice, if there were more challanges on xss/sql so I can learn more about the techniques.

Edited by buglu on 02/04/2014 15:41:14

Posted by thetechnophile on 02/04/2014 19:20:08
#4

I would say Forensics first, Decryption second. I'm still on the latter. My goal here is to learn how to do these things properly, using the correct tool each time so that I'm not spinning my wheels and get really good at it. I'm proficient. But I know where my weaknesses are. I'm no programmer and I know I need to become one if I ever want to get better. I'm willing to give anything a shot, though. I want to learn and I think this is the best site to do that. I noticed no one here has an ego and that helps, immensely.

Hope this helps you :) - Tara

Posted by hax366 on 02/05/2014 05:27:31
#5

add more real challenges its cool :)

try to add a web security category :) and web oriented challenges :)


Posted by Override on 02/06/2014 12:50:14
#6

Thanks everyone so far for the feedback appreciate it.

Posted by Teddy on 02/06/2014 14:02:09
#7

I am wondering if for realistic challanges an offline Webpage wouldn't be a little bit more appropriate. Due to the fact that they will behave more realistic than any simulated challange.


Posted by madsoft on 02/06/2014 15:22:40
#8

Teddy wrote:
I am wondering if for realistic challanges an offline Webpage wouldn't be a little bit more appropriate. Due to the fact that they will behave more realistic than any simulated challange.



Sounds interesting....
But how would you mold that in to a challenge?

Posted by Teddy on 02/06/2014 15:25:17
#9

Well I think that would be kinda hard. But people should be motivated to do them without points as well. In fact the point don't say much anyways.

Posted by madsoft on 02/06/2014 15:31:20
#10

Been thinking. A lot of challenges are focusing on endpoints (i.e. webservers and stuff).
It might be an idea to create some challenges that focus on the intermediate hops (routers 'n stuff).
Like: you want to DDOS a website, take over the next hop router to accomplish this.

Or more neat: your friends website is being DDOSed, it seems that someone has taken control of the next hop router. Take over control of this router and stop the attack.

Internet doesn't only contain servers, there is a lot in between that deserves our attention ;)

Posted by madsoft on 02/06/2014 15:33:52
#11

Teddy wrote:
Well I think that would be kinda hard. But people should be motivated to do them without points as well. In fact the point don't say much anyways.


You're right about that.

...

Though I'd still rather see myself as an elite than as a scriptkiddie ;)

Posted by Teddy on 02/06/2014 15:34:46
#12

I don't know how hard easy that would be to implement.

Do you think about joining IRC yet?

Posted by madsoft on 02/06/2014 17:18:17
#13

Teddy wrote:
I don't know how hard easy that would be to implement.

Do you think about joining IRC yet?


Not sure either. There are things like GNS3 to emulate this, but then I'm not an expert in setting up challenges.

Joining IRC... Do you think I should?

Posted by Override on 02/08/2014 20:54:30
#14

This is something we can look into. Not sure at this point if it is something that can be practically implemented but definitely something we can do some research on.

Posted by madsoft on 02/10/2014 04:24:22
#15

Cool. Looking forward to any results on that matter B)

Posted by T3RM1N4L on 05/18/2014 22:47:49
#16

I would have to say Decryption, & Forensics...

I would love to see ALOT more to come though!!

Posted by BAD C0D3 on 07/08/2014 11:59:39
#17

i enjoyed the js challenges more because it combines different challenges and i have solved most of them i also enjoyed cracking but it was a bit easy i solved them in less than 2 mins except the one that needs .net framework and i dont think it is harder than the others maybe it can be solved by looking at the source
please add more challenges not that easy and not unsolvable