Camp Format

The Florida Tech GenCyber camp will take place on the Florida Tech campus for five days from June 10-June 14, 2024. Camp activities will run from 9 AM - 4:00 PM, including six hours of daily instruction and a lunch break.

Pre-Camp Activities

We will conduct 15 hours of pre-camp activities in two parts. We will begin pre-camp activities on March 1, 2024 (coinciding with an early release day) and continue through April 20, 2024. We will provide six weeks (9 hours) of asynchronous instruction over Discord, introducing students to ethical hacking, forensics, cryptography, web exploitation, and reverse engineering concepts, directing them to further self-study resources (e.g., 247ctf, OverTheWire, LiveOverflow.) We will finalize our pre-camp activities and invite students to our internal Big Brother CTF Competition (6 hours), which pairs novice students with experienced competitors from our nationally ranked Cybersecurity team.

Camp Schedule

Day 1: Forensics Block (6 hours) - June 10, 2024

  1. Cyber Laws (CFAA, DCMA, ECPA) and Ethics
  2. Introduction to Linux and the Command Line
  3. Network Traffic Analysis (TCP, UDP, IP, Common Services, Wireshark, Tshark, Netcat)
  4. Network Defense Strategies (Defense in Depth, Snort, Zeek, Iptables, Firewalls)
  5. Integrity Activity: Remote Control Car Hacking via Packet Crafting with Scapy

Day 2: Cryptography Block (6 hours) - June 11, 2024

  1. Encoding Schemes (Bits, Bytes, ASCII) & Logical Cyber Math (Boolean Logic)
  2. Cryptography Intro (Plaintext, Ciphertext, Algorithm, Substitution Ciphers)
  3. Cryptographic Attacks (Letter Frequency Attacks, Known Plaintext Attacks)
  4. Password Cracking (Cryptographic Hashing, Dictionary Attacks, Password Mask Attacks)
  5. Confidentiality Activity: Hidden Secrets Treasure Hunt

Day 3: Web Vulnerabilities (6 hours) - June 12, 2024

  1. Web Application Security & OWASP Top 10
  2. Man-in-the-middle attacks (Introduce Burpe Suite, Tampering with requests)
  3. File Upload-Based Attacks (Uploading Webshells)
  4. Injection Based Attacks (Command Injection, SQL Injection)
  5. Think Like an Adversary Activity: Hack This Quiz Activity

Day 4: Reverse Engineering (6 hours) - June 13, 2024

  1. Intro to Machine Code (The Stack, Basic Assembly Instructions, Calling Conventions)
  2. Dynamic Analysis (Debugging with GDB, Syscall tracing, library tracing)
  3. Static Analysis (Decompilation with Ghidra, Binary Ninja, and reverse engineering frameworks)
  4. Constraint Solving & Symbolic Execution (Overview of Z3 and Angr)
  5. Activity: Binary Jiu Jitsu - Part 1

Day 5: Vulnerability Research (6 hours) - June 14, 2024

  1. Stack Buffer Overflows (Overflowing Local Variables and the Return Pointer)
  2. Format String Vulnerabilities (Arbitrary Reading Stack Contents)
  3. Activity: Binary Jiu Jitsu - Part 2
  4. Guest Speaker

Post-Camp Activities

We will maintain a year-long engagement approach with participants by inviting students to join our internal team lessons/training over Discord and solve challenges on our CTF server. Over this platform, we will conduct 15 hours of deliberate post-camp activities. First, we invite them to (9 hours) of deliberate training focused on advanced topics in Cryptography, Forensics, Web Exploitation, Reverse Engineering, and Binary Exploitation. This training will culminate in a (6 hours) Blue Belt CTF Competition that earns them a role on our competitive cybersecurity team. We will open the post-camp activities on August 1, 2024, and continue until February 1st, 2025.