diff --git a/docs/Training/Schedule/2023Summer.md b/docs/Training/Schedule/2023Summer.md index 5edcd695b..f5f615e4f 100644 --- a/docs/Training/Schedule/2023Summer.md +++ b/docs/Training/Schedule/2023Summer.md @@ -1,8 +1,8 @@ # 2023 Summer Recruitment & Training Schedule -A recruitment program for new members will take place in the summer of 2023. The recruitment of new members will last for 4 weeks, and will be conducted jointly with South China University on the weekend of the 4th week. +A recruitment program for new members will take place in the summer of 2023. The recruitment of new members will last for 4 weeks and will be conducted jointly with South China Universities on the weekend of the 4th week. -There will be two categories of new members: basic and expert. In the basic level, many basic computer science concepts will be mentioned, and only the basic content will be required in the recruitment training questions. At the expert level, we will focus on real cybersecurity practice (in the meantime, let me assume you already have some computer science foundation) and begin computer security training directly. +There will be two categories of new members: basic and expert. At the basic level, many basic computer science concepts will be mentioned, and only the basic content will be required in the recruitment training questions. At the expert level, we will focus on real cybersecurity practice (in the meantime, let me assure you already have some computer science foundation) and begin computer security training directly. Therefore, this article will be described according to the following table of contents: @@ -15,16 +15,16 @@ Therefore, this article will be described according to the following table of co ## 0x1. Capture The Flag, CTF & COMPASS CTF team -Capture the Flag (CTF) is a class of security competitions that simulate real network environments and are usually divided into two categories: recreational exercises and formal competitions. In the first category, we will learn a lot of computer science and coding, programming, image encryption and a series of other interesting knowledge, just as learning itself is for an enjoyable experience, in this type of recreational practice tournament, you can get more basic knowledge about computer science and interesting experience. The latter category is better for your career development and future planning, and in recent years, CTF competitions for talent recruitment are increasingly held by companies, government departments and universities. In formal competitions, rigorous knowledge of cybersecurity will be tested, including malicious program analysis, industrial control software analysis, or offline hacking and defense simulating real-life environments. +Capture the Flag (CTF) is a class of security competitions that simulate real network environments and are usually divided into two categories: recreational exercises and formal competitions. In the first category, we will learn a lot of computer science and coding, programming, image encryption, and a series of other interesting knowledge, just as learning itself is an enjoyable experience, in this type of recreational practice tournament, you can get more basic knowledge about computer science and interesting experience. The latter category is better for your career development and future planning, and in recent years, CTF competitions for talent recruitment are increasingly held by companies, government departments, and universities. In formal competitions, rigorous knowledge of cybersecurity will be tested, including malicious program analysis, industrial control software analysis, or offline hacking and defense simulating real-life environments. -In Southern University of Science and Technology, winning official competitions can get you extra points for graduate school/prize money for the school and publicity on the official public website. In the official competitions you participate in, you can get the favor of enterprises such as Netcom, Ministry of Public Security, Ministry of Education, Ant (Alibaba Inc) or Meituan, etc. due to the different organizers. +At Southern University of Science and Technology, winning official competitions can get you extra points for graduate school/prize money for the school, and publicity on the official public website. In the official competitions you participate in, you can get the favor of enterprises such as Netcom, Ministry of Public Security, Ministry of Education, Ant (Alibaba Inc), or Meituan, etc. due to the different organizers. You can choose your training group according to your situation: 1. If you plan to learn a wide range of computer science knowledge in Network Security and Computer Security and want to have a fun experience with Competition and Computer Security. I recommend you to choose the basic level. 2. If you plan to join the COMPASS CTF team in the future, compete with the best students, achieve ranking, or participate in research projects, make a choice for your future planning. I recommend you to choose the Expert level. -Of course, these two level choices still represent different training difficulties and basic thresholds, which also need to be adjusted by your actual needs. You can also adjust your group after you have registered for new members. +Of course, these two-level choices still represent different training difficulties and basic thresholds, which also need to be adjusted by your actual needs. You can also adjust your group after you have registered for new members. ## 0x2. Registration for new members @@ -40,7 +40,7 @@ The recruitment of new members will be divided into three parts: 2. Daily practice questions. 3. weekly training and review of topics. -Among them, the basics of training and learning will use the CTF book written by Nu1L team for reference. The CTF All in One book is also recommended as a reference material. At the same time, I will also summarize a series of online materials, with our previous recruiting materials information to carry out. +Among them, the basics of training and learning will use the CTF book written by the Nu1L team for reference. The CTF All in One book is also recommended as reference material. At the same time, I will also summarize a series of online materials, with our previous recruiting materials information to carry out. You do not need to complete the questions on the same day, but it is recommended that you complete the week's questions before the intensive training and Q&A time every Sunday. You may have difficulty with the daily exercises, but each week we will work through the difficult questions. @@ -71,13 +71,13 @@ I am very sorry if you plan to drop out during the course of your study, but if If you need some help, perhaps the following will help you. -Q: I wasn't as interested in computer security as I expected to be at the beginning. +Q: I wasn't as interested in computer security as I expected it to be at the beginning. -A: The learning path for computer security can be very steep, and you may find yourself making no significant breakthroughs for some time. The accumulation of basic knowledge content is equally important. The field of computer security may not be as exciting or exhilarating as you might expect, but as you learn more, you will be exposed to more content that a beginner would not. +A: The learning path for computer security can be very steep, and you may find yourself making no significant breakthroughs for some time. The accumulation of basic knowledge content is equally important. The field of computer security may not be as exhilarating as you might expect, but as you learn more, you will be exposed to more content that a beginner would not. Q: The training schedule drains me. -A: Maybe you can try to lower the level of difficulty, even if you plan to join the team, but it's not for experts only. Basic level is also possible, the difference is only the 5% extra factor. +A: Maybe you can try to lower the level of difficulty, even if you plan to join the team, but it's not for experts only. The basic level is also possible, the difference is only the 5% extra factor. Q: I have other questions. @@ -114,4 +114,22 @@ Online competition & challenge platform: [http://detroit.sustech.edu.cn:29998/]( Online competition & challenge platform (Intranet address): [http://116.7.234.225:29998/](http://116.7.234.225:29998/) -CTF all in one gitbook: [https://firmianay.gitbook.io/ctf-all-in-one/content/](https://firmianay.gitbook.io/ctf-all-in-one/content/) \ No newline at end of file +CTF all in one gitbook: [https://firmianay.gitbook.io/ctf-all-in-one/content/](https://firmianay.gitbook.io/ctf-all-in-one/content/) + +## Attachment C. Timeline + +The timeline and the topics of the training schedule are as below: + +| Date | Topic | Attachment | +| --------- | ------------------------- | ------------------------------------------------------------ | +| Aug. 3rd | 1: introduction/Linux | [CTF_tutorial_1___introduction](../../assets/CTF_tutorial_1___introduction.pdf) | +| Aug. 6th | 2: web1 | 啊? | +| Aug. 7th | 3: web2 | Ah? | +| Aug. 10th | 4: forensics | あ? | +| Aug. 13th | 5: crypto/Python | 앗? | +| Aug. 14th | 6: reverse | Hamud? | +| Aug. 17th | 7: pwn1 | آه? | +| Aug. 20th | 8: pwn2 | አህ? | +| Aug. 21st | 9: penetration/bug bounty | 5ZWK? | +| Aug. 24th | 10: awd | -----BEGIN PGP MESSAGE-----
Version: Keybase OpenPGP v2.1.15
Comment: https://keybase.io/crypto

wcBMA3ffNJS1q05yAQf9HwBZU1UsQ5m9vzr8sZKGqRE0hXz0tL/4fn+53z0ZPtPZ
pMC8+Lqf2LUvuxy+e7kkGQ8+9TYG0+dRXzrTqB2XLswFVYVlQYE3kPggBopuvOmY
C2jbYElBs5BJReAtwMwfryF3zHi1QvES2McAlPie5t7UOZplu4+TneCzXclL07yz
3Ipw6se5h+VXUEXrPpF43tCXRj3dakpTFlpiVd62WB/NlNYf8LUDWDceOqC/flwL
0CEC9Jm/sCM5aynzjFuEyVSTXz5+2ppappkqyrnlhRkJWE/Tvvcg1Nw03rnpffSa
T5e76JhYPNgko/Pe7NFD19xeVpyjE4KgZIGNdndEX9JDAeIYls88jN3dpaVTvPJz
FP5xmvLVsEhj+g8bfCydR0vVJXirmdr7G1hdMpIYLd9R87PhW9E2TtT6AX0myaze
DMSaHA==
=fUNF
-----END PGP MESSAGE----- | + diff --git a/docs/assets/CTF_tutorial_0___meme.pdf b/docs/assets/CTF_tutorial_0___meme.pdf new file mode 100644 index 000000000..748004965 Binary files /dev/null and b/docs/assets/CTF_tutorial_0___meme.pdf differ diff --git a/docs/assets/CTF_tutorial_1___introduction.pdf b/docs/assets/CTF_tutorial_1___introduction.pdf new file mode 100644 index 000000000..fe810c25e Binary files /dev/null and b/docs/assets/CTF_tutorial_1___introduction.pdf differ