When we made the decision to take AvengerCon virtual, the question of how to run all the various villages in this new setting kept coming up. Challenges with registration, participation, engagement, and navigating a virtual conference forced us to rethink how the villages portion of AvengerCon could be done successfully.
We decided on a combined village CTF approach to prevent a half-dozen fragmented villages that participants would be unable to navigate. The villages participating in the combined CTF are:
ICS/SCADA village: The ICS Village equips industry and policymakers to better defend industrial equipment through experiential awareness, education, and training. Security issues with high profile industrial control systems have grabbed headlines and sparked changes throughout the global supply chain.
The village allows defenders of any experience level to understand unique failure modes of these systems and how to better prepare and respond to the changing threat landscape. Back for the third year in a row, this village challenges you to break into ICS and SCADA control systems to capture flags and cause chaos.
Recon: The AvengerCon V recon capture the flag is focused on cyber reconnaissance information from OSINT, social engineering, IMINT, HUMINT, and SIGDEV. Challenges are built as single puzzles and some are assembled into larger scenarios such as investigating an APT or a rogue hacker.
The challenges will highlight the tools, tradecraft, technical skillsets applied by analysts outside of the terminal. If you know how to google you can get started in OSINT. There will be challenges for beginners and seasoned vets for anyone who wants to participate. The only thing needed is an internet connection.
RF village: Curious about RF hacking and radios? The RF village is back with a series of radio challenges in CTF format. You will need to investigate a progressively harder series of radio filecaptures in order to find the hidden flags.
The combined CTF is being hosted on the ICS village infrastructure. In order to participate in the combined CTF, please register at https://hacktheplanet.ctfd.io/.
We also have two villages that are not part of the larger AvengerCon CTF: the lock-picking village and the crypto challenge!
Lockpick village: Want to learn how to pick locks? Or maybe you just need a refresher on the best way to shim. Toool is back this year and running virtual tutorials all day in the
lockpicking-textconference Discord channels.
The lockpicking village aims to give attendees a real-world understanding of physical security through instruction in lockpicking and physical systems. We intend to provide as much hands on support as possible over the virtual event, so bring your picks and webcams if you have them as we'll be doing 1-on-1 training. We're excited to be back for our fourth year and are staffed by members of Toool Maryland and Toool Boston respectively.
Topics covered will be:
- Lockpicking101: Flay
- Digital Attacks for Locks and Cardreaders: Serialgeist
- Government Locks Show and Tell: MacGnG
- Basic SERE Lockpicking/Bypassing: Stikk
Crypto Challenge: AvengerCon welcomes back the annual crypto challenge, open November 30th to December 1st! This year the challenge has gone digital with a unique set of puzzles for every attendee!
Challenge fellow attendees for the fastest solve times and become the top cryptologist with the best cumulative score!
Be sure to check out the challenge's Discord channel (help available starting December 1st) if you get stuck or have any other questions!
Our resident crypto enthusiast has been hard at work this year. Put your logic skills to the test with a series of cryptological challenges that get harder the more you solve!
The villages also have their own text and talk channels on the conference Discord, they can be found by expanding the
village-help: Need help? Post here and an AvengerCon admin will get back to you ASAP.
general-voice: General text and voice chatrooms, hang out and talk about village related stuff!
lockpicking-text: Text chat for the lockpicking village. Come talk with members of Toool for lockpicking tips and 1-on-1 help.
lockpicking-stream: Video and voice stream of the lockpicking village, come watch some lockpicking demos or follow along if you have your own kit.
ics-voice: Text and voice chatrooms for help and discussion about the ICS/SCADA challenges of the combined CTF.
recon-voice: Text and voice chatrooms for help and discussion about the recon challenges of the combined CTF.
rf-voice: Text and voice chatrooms for help and discussion about the RF challenges of the combined CTF.
crypto-voice: Text and voice chatrooms for help and discussion about this years crypto challenge.
We hope you are as excited as we are for AvengerCon V!