[KOR] VWP - 취약한 워드프레스 환경

요약취약한 워드프레스 환경을 자동으로 구축해주는 깃헙 리포를 발견했습니다. 하지만 이런저런 문제점으로 에러가 나서 그것을 고친 뒤 배포하기로 결정합니다. https://github.com/ChoiSG/vwp 한글 리드미는 여기서 참고해주시기 바랍니다. - https://github.com/ChoiSG/vwp/blob/main/README.ko.md 직접 리포에 가셔서 클론 하신 뒤 간단하게  docker-compose up --build 으로…

시나리오 기반의 모의침투테스트 대회를 진행하며

요약(영어가 편하신 분들 or If you are an English speaker, please read the english version of this article here - https://blog.sunggwanchoi.com/we-created-a-fake-company-infrastructure/) 2020년 봄학기 1월 초, 나와 내 친구는 학교의 취약점 진단 및 모의침투테스트 그룹의 공동리더가 됐다. 이 기회를 살려 실제 모의침투테스트와 비슷한 대회를 만들어 봤다.…

We Created a Fake Company Infrastructure for Student Club Members to Hack

Summary As current leaders of Rochester Institute of Technology's Penetration Testing group (RVAPT), my colleague and I created a mini-competition that simulated a fake organization's IT infrastructure for the students to do a penetration testing on. With the help of my colleague and co-leader of RVAPT, Mohammed Alshehri(twitter), we…

RVAPT - 1 - Pre Engagement

Slides Link BackgroundIn week 1 of RVAPT, the group have went over the Pre-Engagement phase of the penetration testing. There was a clear reason why RVAPT started off with non-technical, a bit "boring" side of Offensive Security. This is because Pre-Engagement is essential in the life cycle of penetration testing.…

RVAPT 0 - Introduction

SlidesRVAPT 0 - Introduction Slides DemoN/A - For introduction week, there was no demo The BackgroundIn my school, Rochester Institute of Technology (RIT), Computing Security (CSEC) is one of a big computing major. One aspect that I absolutely love about RIT and CSEC is that our student club, RITSEC…