LIVE HACKING CHALLENGES
Registration Required and OPEN NOW!
‘Lil Chompy took over and frankly we can’t stop them. Once that gator gets an idea it’s all tails and teeth. It’s easier to just go along. Check out this announcement video below.
What is BSides Orlando Byte Sized?
Borrowing from our friends at KernelCon their Hack Live! event was such a wild success we said, “We have to try this.” The Hack Live! event was a live stream where professionals were given CTF style challenges written by other professionals and the audience got to watch as they tried to solve the challenge live. Often they weren’t able to solve it which was part of the fun. Even experts, when given a time limit and no prep, can fail. It’s not just beginners. At the end of each segment the challenge creator would come into the stream and help with/explain the challenge. Check out the videos here.
Seriously, check out Joe “Kingpin” Grand solve his hardware challenge. You won’t be disappointed. KernelCon and Major League Hacking did such an amazing job. Check out the Major League Hacking Twitch Channel where they do this every Sunday.
For BSides Orlando Byte Sized four challenges will be streamed with a professional that regularly works within the area of each challenge. They will be paired with a team of participants. The pro will get no additional information about the challenge. They have to solve the challenge in 90 minutes, but they don’t beat it if only they solve it. Each member of the team has to solve their part of the challenge. If they don’t beat the challenge in 90 minutes the challenge creator will come into the stream and walk everyone through how the challenge was created and how to solve it.
Part educational exercise, part entertainment, part CTF. That is BSides Orlando Byte Sized! Streamed live so everyone can learn! There are no winners beyond bragging rights and the knowledge we all gain!
Who are the Pro Coaches?
We have a fantastic crew of professionals that will work with our participants to solve challenges and help teach everyone watching.
RED TEAM AND Physical entry Specialist
Hahna Kane Latonick
INSTRUCTOR / AUTHOR / REVERSE ENGINEERING SPECIALIST
EMBEDDED SYSTEMS SOFTWARE SECURITY SPECIALIST
CLOUD AND K8s CHALLENGE
KUBERNETES SIG SECURITY CHAIR / GOOSE ON FIRE
How can I become a Participant?
This year instead of talks/presentations you have a chance to be paired up with a teammate and coach to attempt to tackle a specially designed challenge within an allotted timeframe. Neither you nor the coach will be prepped as to the actual challenge.
The four areas are: Physical, Hardware, Reverse Engineering, and Cloud & Kubernetes. The challenges may potentially contain elements like the below:
- Physical: Lockpicking, safecracking, lock bypass
- Hardware: Soldering, component identification and troubleshooting, firmware code
- Reverse Engineering: Code analysis and used of reverse engineering tools
- Cloud & Kubernetes: Container and cloud challenges related to configuration and container security issues.
You are not expected to be an expert in any of the areas, however, you should consider applying for areas where you have at least some exposure or very basic knowledge. Example: You don’t need to know how solder SMD components, but you would want to know what they are and why they are different.
Instead of submitting a normal talk proposal, Chompy is changing it up and wants for you to submit a video of you telling us why you would make a good participant
For the video:
- The video can be no more than 2 minutes in length highlighting why you would be a good participant.
- We are looking for folks that have some familiarity with each area, are comfortable on camera, and don’t mind failing with an audience watching. The point of this is for everyone to learn and even the experts you are paired with may not be able to beat the challenges in the allotted time.
- The video should show your ability to interact with the camera and the audience viewing the video. We will also be looking for good video practices like lighting and sound. However, that will only be a small component of consideration.
- You can create this video in any way you see fit (Twitter, TikTok, LinkedIn, YouTube) whatever works for you. We suggest create a private video on YouTube and sharing the link. However, all that is required is the video can be viewed publicly. This is important as you will be on a live stream. If this is not something you are comfortable think about why you want to participate before submitting as you will need to be on camera in a live stream.
The BSides Orlando Staff and Volunteers will select contestants and notify them confirming their available. The selection criteria will be fairly qualitative and based on the overall quality your submission. Don’t just say why you will be a good contestant… show us! Have fun with it and show us why you will make the event fun and educational for everyone involved.
Ready to join us! Here is the Call for Participants, we hope you will apply and take part! https://bsidesorlando2021.busyconf.com/proposals/new
How do I Register and Watch?
Details will be posted shortly. The event is 100% virtual. It will be streamed to Twitch, Twitter, LinkedIn, and YouTube. Chat will happen in Discord along with Villages and Workshops.
Workshops – Friday – September 17
OSINT CTF STRATEGY & TACTICS
PWNING WEB APPS
Friday, September 17th
|EST||Workshops 1||Main Track|
|8A – 9A||Web Apps Workshop Check-In|
|9A – 1P||Web Apps – Phillip|
|1P – 2P||OSINT Workshop Check-In|
|2P – 6P||OSINT – Alethe|
|6P – 6:30P||Kick Off Video and Introductions|
|6:30P-7:30P||Recruiting Behind the Scenes Happy Hour|
Saturday, September 18th
|10:00 AM||Opening Ceremonies||CTF Opens|
|10:30 AM||Challenge Kickoffs and Intros|
|11:00 AM||Hardware – Jose 11A – 1P||TOOOL Intro to Lockpicking Talk|
|11:30 AM||* Hardware Continued||Handcuff Talk|
|12:00 PM||* Hardware Continued||Lockpicking in Games Museum|
|12:30 PM||* Hardware Continued||Doors, Cameras, and Mantraps Oh My!|
|1:00 PM||Late Lunch/Dinner – See LPV||Safecracking Simulator Lunch Hour|
|1:30 PM||Reversing – Hahna||Safecracking Simulator Lunch Hour|
|2:00 PM||** Reversing Continued||Physical Security Testing with Trash|
|2:30 PM||** Reversing Continued||15 Minute Tour of Southord Website|
|3:00 PM||** Reversing Continued||1 Hour Lockpicking Hangout|
|3:30 PM||K8s/Cloud – Ian Coldwater||TOOOL Intro to Lockpicking Talk|
|4:00 PM||** K8s Continued|
|4:30 PM||** K8s Continued|
|5:00 PM||** K8s Continued|
|5:30 PM||Physical – Deviant|
|6:00 PM||** Physical Continued|
|6:30 PM||** Physical Continued|
|7:00 PM||** Physical Continued|
|7:30 PM||Closing Ceremonies|
|8:00 PM||Cocktail Con||CTF closes 10AM Sunday|