ISSessions 2022 CTF

Calling all current Canadian post-secondary students!

ISSessions is proud to announce our annual CTF this year will take place on March 5th to March 6th! In addition, we have sponsor workshops running from February 28th to March 4th, which include these sponsors: Lares Consulting, Bell, Deloitte, KPMG, Mandiant, Trend Micro, and Sinn Development!

Why should I attend?

CTFs are a great way to practice your technical skills, look fantastic on resumes and on top of that, you get a chance to take a bite out of our massive $3000+ PRIZE POOL! Additionally, this CTF features from people at all skill levels, so it’s a great opportunity to network and hone your hacking skills!

How does it work?

If you’re a Canadian post-secondary student, you can register over at https://ctf.issessions.ca/ ! Teams can comprise of up to 4 people, and there is no limit on the number of teams a school can send. Additionally, the event will be running in the CTF discord server as well, which you can join over at https://discord.gg/uRKTptegps. Make sure to use your student email! If your institution’s email is not on our whitelist, let us know and we’ll add it ASAP!

Hope to see you there! If you have any questions, feel free to ask me or any of the other ISSessions admins.

ISSessions 2022-01-13

Hey everyone,

We want to wish everyone a Happy New Year and a Happy New ISSessions meeting this Thursday January 13th 2022. πŸ₯³

AGENDA

7:00 – Kick-Off πŸ“£
7:05 – News Round Up πŸ“°
7:30 – Discussion Segment πŸ—£
8:00 – Break β˜•
8:05 – Exploitation of WebApp Flaws πŸ”Ž

About Jake

Jake Munro graduated from Fleming College’s Computer Security & Investigations course in April of 2021. He is now currently a cyber security mentor & technical recruiter for Lighthouse Labs. Jake loves helping others learn about the cyber security world and the many aspects to it, which lead him to Lighthouse Labs. It also lead him to helping with the CSI club in any way possible. Jake also loves participating in CTF challenges alone, or with groups of people. Outside of work, you can find him on Spotify, gaming or breaking his computers.

Exploitation of WebApp Flaws

Web application flaws have been around for many years, mostly due to developers not ‘sanitizing’ input forms or design flaws. They can be used to gain access to a website or server which can lead to information leaks. There are so many web application flaws that a lot of companies seem to only protect against the most commonly used ones. Cross site scripting, SQL injection and broken access control are some of the attacks used widely in today’s world. In this week’s ISSessions meeting we learn more about how some of these attacks work and see a live demo of a few of these attacks.

Can’t wait to see you all there πŸ₯³

-ISSessions Exec TeamπŸ”

ISSessions 2021-12-23

Hey everyone

We hope everyone’s exams went well!! We have an incredible meeting for everyone this Thursday. A little holiday gift for you all! 🎁

AGENDA

7:00 – Kick-Off πŸ“£
7:05 – News Round-Up πŸ“°
7:30 – ISS Jeopardy πŸ›ŽοΈ
8:00 – Break β˜•
8:05 – Building a Home Lab πŸ”¬

About Neil

Neil Desai is a Principal Security Strategist for Elastic. He has over two decades of information security experience. In past roles, he built Security Operations Centers (SOCs) and architected defensible and monitorable infrastructures for Fortune 500 US financial institutions. Outside of work he was a part of 1@stPlace, winners of DEFCON’s CTF in 2006 and 2007, and is a current member of C3X (https://www.thec3x.com/).

Building a Home Lab πŸ”¬

Do you want to build a home lab? Let’s talk about labs, equipment, options, and benefits. Labs can get expensive and a bit crazy (https://www.reddit.com/r/homelab/). Labs are not meant to be holistic, they serve a purpose to learn a specific skill set so we will see how we can match our lab build to our skills.

We hope to see you all there! πŸ˜„

– ISSessions Executive Team πŸ”