Shearwater Application Security Hackathon 2019

Application Security Hackathon and Offensive Capture the Flag

1 Day Challenge and Learning Event

An initiative from Shearwater Solutions - Leaders in Application Security and Penetration Testing

Powered by CMD + CTRL Cyber Range from Security Innovation

1 Day - 4 Cities - 100+ Players battle it out for the top spot

Open to Individual Players & Teams of up to 4*

Want to get your team genuinely excited about Web Application Security? Attend this Hackathon and plunge into the dark world of cyber attacks and view applications through the eyes of a rogue adversary.

Locations

▶ Play from Sydney, Melbourne, Canberra, Brisbane or join remotely from anywhere in Australia. 

The event is held at Cliftons Conference Venues

SYDNEY - 60 Margaret St
MELBOURNE - 1/440 Collins St
CANBERRA - 2/10 Moore St  
BRISBANE - 3/288 Edward St 

About the Challenge

The challenge is based on an authentic and intentionally vulnerable application:

InstaFriends – Social Media Website

This challenge includes 55 vulnerabilities including SQL Injection, XSS, vertical and horizontal authentication bypass, and various crypto challenges. Players can post to another’s timeline without permission, escalate to admin privileges, and change another user’s privacy settings.

• Join, create and post to groups
• Friend and message other users
• Post and comment on photos
• Create and edit a profile
• Create user reviews
• Leave ratings

Guided by cheat sheets and onsite application security specialists, you will become immersed in a “find the vulnerabilities” game where you will quickly learn and apply hacking techniques in a sandbox environment - and all the while, acquire the skills needed to keep data safe.

• Utilizes proven Capture-the-Flag (CTF) techniques in real-world settings

• Fully functional application allows users to exploit features they often build and use 

• Clever pop-up messages, humorous sounds, and "Easter Eggs" throughout the sites make hacking them even more fun

• Real-time scoring creates friendly competition and motivation

• Includes vulnerabilities that cover various vulnerability classes
  
• Each challenge has a point value based on complexity, with challenges ranging from common  advanced vulnerabilities
  
• Vulnerabilities are represented in a variety of forms just as they appear in commercial applications

Ideal for all skills

• Got a question? Experts are readily available

• Need to overcome difficult challenges? Grab a cheat sheet or buy a hint using your points

• Want to maximize scoring? Team up for a broad-scale assault

• Use post-game reports to identify skills gaps 

Prizes

1st Prize: $1000 JB HIFI Gift Card 
2nd Prize: $600 JB HIFI Gift Card
3rd Prize: $400 JB HIFI Gift Card

Please note that prizes are per team and will be divided amongst the team players. 

Morning tea, lunch, and afternoon tea are included for onsite players.

Bonus: We will keep the Hackathon platform open until Friday 22 November, 5 pm. That’s an additional 7 days of access so you can make the most out of this learning experience and complete the challenges at your own pace.

⌛ Strictly limited places available, book now and secure your spot.

* Please note that each player needs a ticket. Teams can purchase up to 4 tickets depending on the number of players they include.