Security BSides London 2019

Getting started with InfoSec can be tricky, especially (If like me) you find experiential learning (Learning though experience/hands-on-learning) to be the best way to really grasp concepts you read/are told about. Unfortunately no matter how you phrase "I was just trying to learn..." when you're caught using NASA systems as your testing ground, you're still going to get an unpleasant first hand experience of the US judicial system. Thankfully there are "playgrounds" out there where we can practice and learn, although at first they can seem a little intimidating. This workshop will centre around 2 "playgrounds", 'overthewire.org' and 'hackthebox.eu'. Starting off with some personally selected challenges from overthewire, we'll discuss the vulnerabilities along with some background and theory before solving the challenge as a group. With each challenge solved participants should gain the knowledge required to be able to take on the entry challenge to be able to sign up for hackthebox. Once each participant has successfully been able to register with hackthebox, we'll look at 1 or 2 of their 'retired' machines as a group, going from having nothing more than the IP of a machine, to then getting administrator level access on that machine. The workshop will finish with participants splitting into groups and attempting one of the 'active' machines on hackthebox.

What you need to bring:
- A laptop with administrator access, capable of running a Linux VM.