In this introductory session, you will build foundational knowledge on data science using R. You will learn importation and manipulation of csv files, filtering, subsetting, basic visualizations and many other useful skills.

Du får et grundlæggende kendskab til Linux, og lærer de vigtigste kommandoer. Derudover kommer vi til at vise nogle grundlæggende command-line værktøjer i Kali Linux, som er særligt brugbart indenfor cybersikkerhed. Denne session kræver ikke at man har en computer der kører Linux eller særlig software, så alle kan være med, og alt kører i en browser.

In this introductory session, you will build foundational knowledge on data science using R. You will learn importation and manipulation of csv files, filtering, subsetting, basic visualizations and many other useful skills.

Learn to write bash scripts for fun and profit! Automate every day tasks! Impress your friends! Bring doom and despair to your enemies!!! In this course we will learn to use bash to write scripts, and to use parameters and variables in those scripts. These scripts can be used to automate every day tasks such as making remote backups of interesting files and folders (wink wink​ We totally won’t be exfiltrating the data in those backups).

Exploitation is the art of making programs behave in unexpected and unintended ways, turning them to the attacker’s advantage. In this session we explore how programs are represented in the computer’s memory so that we can inject computer instructions into the memory. We also look at other simple representations of computer programs – like program graphs, assembly and intermediate representations – that can help us understand and reason about them in order to mount the attacks. The session will be a combination of English and Danish due to the teachers.

Flipped classroom: this session will provide a general overview of cryptology and introduce fundamental algorithms and technical prerequisites.

Flipped classroom: this session will provide a deeper study of cryptographic algorithms, modes and protocols, with a focus on what makes them work and where they are typically broken. This includes an overview of techniques for generating and managing cryptographic keys, as well as introduction to random number generators and bias in their output.

Du lærer ganske overordnet hvordan computernetværk fungerer. Herefter går vi over til hvordan scanning kan bruges til at identificere enheder på netværket, og lære om hvilke operativsystemer og services der kører – og hvordan scanning kan bruges til at finde sårbarheder. Til sidst kigger vi på grundlæggende opsamling og analyse af netværkstrafik med Wireshark.

Learn to write bash scripts for fun and profit! Automate every day tasks! Impress your friends! Bring doom and despair to your enemies!!! In this course we will learn to use bash to write scripts, and to use parameters and variables in those scripts. These scripts can be used to automate every day tasks such as making remote backups of interesting files and folders (wink wink​ We totally won’t be exfiltrating the data in those backups)

Du lærer ganske overordnet hvordan computernetværk fungerer. Herefter går vi over til hvordan scanning kan bruges til at identificere enheder på netværket, og lære om hvilke operativsystemer og services der kører – og hvordan scanning kan bruges til at finde sårbarheder. Til sidst kigger vi på grundlæggende opsamling og analyse af netværkstrafik med Wireshark.

A penetration test is carried out with permission from the owners of the systems and aims to uncover risks and vulnerabilities in the examined system. In this workshop, we will discuss penetration testing: classification, planning, execution, and its ethical and legal aspects. We will also address the most serious security issues in web-based applications today and try to identify a range of vulnerabilities ourselves. So, our focus is on training your skills in penetration testing!

Cyber forensics handler om at indsamle, analysere og præsentere digital data, f.eks. netværkstraffik, memory dumps og filer med skjult information. Vi vil i første halvdel af workshoppen fokusere på “steganografi” – at skjule data i andet data – og selv afprøve tools til at finde og extracte information. I anden halvdel skal vi se på digital hukommelse, og du får mulighed for selv at analysere et memory dump fra en computer, der har været udsat for et hackerangreb.

Denne session handler om grundlæggende web-sikkerhed, hvor vi bl.a. kommer ind SQL Injections, Cross-site scripting, Cookies og Cross-Site Request Forgery. Der er fokus på at forstå principper bag sårbarhederne, men vi kigger også en hel del på værktøjer til at finde og udnytte dem – inklusive generelle værktøjer indenfor web-sikkerhed som bl.a. burp og dirbuster, som er brugbare i mange forskellige opgaver. Den sidste halvdel af tiden er afsat til at løse opgaver, med mulighed for at få hjælp (og der vil være opgaver på flere niveauer).

Exploitation is the art of making programs behave in unexpected and unintended ways, turning them to the attacker’s advantage. In this session we explore how programs are represented in the computer’s memory so that we can inject computer instructions into the memory. We also look at other simple representations of computer programs – like program graphs, assembly and intermediate representations – that can help us understand and reason about them in order to mount the attacks. The session will be a combination of English and Danish due to the teachers.

In this session you will learn the basic techniques that can help you build the attacks. You will learn about buffer overflows and how they can be used to inject code. You will learn about typical countermeasures such as ASLR and stack canaries, and techniques that make your attacks more resilient to these countermeasures. The session will be a combination of English and Danish due to the teachers.

Flipped classroom: this session will provide a deeper study of cryptographic algorithms, modes and protocols, with a focus on what makes them work and where they are typically broken. This includes an overview of techniques for generating and managing cryptographic keys, as well as introduction to random number generators and bias in their output.

This is the advanced cryptology training session of Der Danske Cybermesterskaber, targeting specifically participants of the Nationals. In this session, you will learn more sophisticated techniques to solve common crypto related CTF problems.

The theme of this training session is Distributed Denial of Service (DDoS) attacks. First, the topic is introduced by outlining the typical motivations for and consequences of launching a DDoS attack, the structure of a DDoS service, the relevant legislation, the current academic research, commercial defense offerings, and the feature set of smaller (D)DoS attack tools. Then, a more in-depth presentation of the main types of DDoS attack are presented, as well as a more in-depth overview on how to choose the most suitable defensive techniques. Finally, the real-life defensive system deployed by Telenor is demonstrated, and the effect of an actual attack (and defense) on a game of Counterstrike is shown.