Application Security Hackathon and Offensive Capture the Flag1 Day Challenge and Learning Event An initiative from Shearwater Solutions - Leaders in Application Security and Penetration Testing Powered by CMD + CTRL Cyber Range from Security Innovation 1 Day - 4 Cities - 100+ Players battle it out for the top spot Open to Individual Players & Teams of up to 4* Want to get your team genuinely excited about Web Application Security? Attend this Hackathon and plunge into the dark world of cyber attacks and view applications through the eyes of a rogue adversary. Locations ▶ Play from Sydney, Melbourne, Canberra, Brisbane or join remotely from anywhere in Australia. The event is held at Cliftons Conference Venues SYDNEY - 60 Margaret StMELBOURNE - 1/440 Collins StCANBERRA - 2/10 Moore St BRISBANE - 3/288 Edward St About the Challenge The challenge is based on an authentic and intentionally vulnerable application: InstaFriends – Social Media Website This challenge includes 55 vulnerabilities including SQL Injection, XSS, vertical and horizontal authentication bypass, and various crypto challenges. Players can post to another’s timeline without permission, escalate to admin privileges, and change another user’s privacy settings. Join, create and post to groups Friend and message other users Post and comment on photos Create and edit a profile Create user reviews Leave ratings Guided by cheat sheets and onsite application security specialists, you will become immersed in a “find the vulnerabilities” game where you will quickly learn and apply hacking techniques in a sandbox environment - and all the while, acquire the skills needed to keep data safe. Utilizes proven Capture-the-Flag (CTF) techniques in real-world settings Fully functional application allows users to exploit features they often build and use Clever pop-up messages, humorous sounds, and "Easter Eggs" throughout the sites make hacking them even more fun Real-time scoring creates friendly competition and motivation Includes vulnerabilities that cover various vulnerability classes Each challenge has a point value based on complexity, with challenges ranging from common advanced vulnerabilities Vulnerabilities are represented in a variety of forms just as they appear in commercial applications Ideal for all skills Got a question? Experts are readily available Need to overcome difficult challenges? Grab a cheat sheet or buy a hint using your points Want to maximize scoring? Team up for a broad-scale assault Use post-game reports to identify skills gaps Prizes 1st Prize: $1000 JB HIFI Gift Card 2nd Prize: $600 JB HIFI Gift Card3rd Prize: $400 JB HIFI Gift Card Please note that prizes are per team and will be divided amongst the team players. Morning tea, lunch, and afternoon tea are included for onsite players. Bonus: We will keep the Hackathon platform open until Friday 22 November, 5 pm. That’s an additional 7 days of access so you can make the most out of this learning experience and complete the challenges at your own pace. ⌛ Strictly limited places available, book now and secure your spot. * Please note that each player needs a ticket. Teams can purchase up to 4 tickets depending on the number of players they include.