Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: How to setup a small DEFCON?
2 points by new_hackers on June 12, 2015 | hide | past | favorite | 2 comments
So some friends and I were talking about LAN parties today, and an idea to hold our own very small DEFCON came up. Basically to have a single machine with one or more known vulnerabilities setup by the 'dungeon master' then everyone else attempts to pwn it.

But setting all this up seemed like a lot of work just for an evening of fun.

Does anyone have any tips or links to make something like this easier?

We are all working as good guys and must be security minded, but don't have a lot of firsthand experience as bad guys. Thought this would be a safe way to practice some of attacks the bad guys might us against us.

Any ideas?



I just happened to be doing this today myself, here's what I'm putting together (based on recommendations from the book "Hacking with Kali" which is free if you have an ACM membership).

Practice tools/lab environments:

1. https://github.com/SpiderLabs/MCIR

2. https://www.offensive-security.com/metasploit-unleashed/Requ...

3. http://sourceforge.net/projects/mutillidae/

4. http://www.dvwa.co.uk/

Install that stuff in a VM:

* https://www.virtualbox.org/wiki/Downloads

Metasploitable2 is a pre-packaged pentesting environment with plenty of vulnerabilities. You could run a CTF by just picking out things from the exploitability guide that comes with it (read down the page a bit) and defining victory conditions based on that.


Awesome stuff, thank you!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: