# Introduction to A/D CTFs
Alberto Carboneri <@Alberto247>
Matteo Protopapa <@matpro>
---
## Intro
----
## Recap: Jeopardy CTFs
- Every team (usually) has to attack the same instance of a service <!-- .element: class="fragment" data-fragment-index="1" -->
- Once the vulnerability is found, the job is done <!-- .element: class="fragment" data-fragment-index="2" -->
- The focus is on the attack phase <!-- .element: class="fragment" data-fragment-index="3" -->
----
## A/D CTFs peculiarities
- Every team has (almost) the same server(s) <!-- .element: class="fragment" data-fragment-index="1" -->
- Once the vulnerability is found, you have to: <!-- .element: class="fragment" data-fragment-index="2" -->
- weaponize the attack <!-- .element: class="fragment" data-fragment-index="3" -->
- patch the vulnerability <!-- .element: class="fragment" data-fragment-index="4" -->
- find other vulnerabilities <!-- .element: class="fragment" data-fragment-index="5" -->
- You need to focus on both the attack and the defence phases, as well as the SLA <!-- .element: class="fragment" data-fragment-index="6" -->
A/D CTFs are way more dynamic! <!-- .element: class="fragment" data-fragment-index="7" -->
---
## Rules
----
## Basic setup
----
## Exploit
----
## Patches
----
## SLA
----
## SLA
----
## Ticks
----
## Network analysis
---
## Tools
----
## Attacker
----
## Submitter
----
## Proxy
----
## Metrics
----
## Metrics
----
## Network analyzer
----
## Network analyzer
----
## Network analyzer
---
## In reality...
----
## Team setup
----
## Game setup
----
## Demo
Let's see some real tool!
---
# The End
{"title":"Introduction to A/D CTFs","slideOptions":"{\"transition\":\"slide\"}","contributors":"[{\"id\":\"1a481c45-d895-4214-adee-9d9ea2eb9cb3\",\"add\":2578,\"del\":31}]"}