Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

March 13 2016

Reposted fromnaderman naderman viadatacop datacop
3731 06fd 390
Reposted fromzciach zciach viaSirenensang Sirenensang
5496 8c38 390
Reposted fromAnetzschka Anetzschka viaSirenensang Sirenensang
4985 11d4 390
Reposted fromTARDIS TARDIS
Reposted fromfupduck fupduck viaSirenensang Sirenensang
4962 0f48 390
9126 7840 390
Reposted fromMeshirr Meshirr viaSirenensang Sirenensang
Reposted fromFlau Flau viaSirenensang Sirenensang
4792 127f 390
Reposted fromDerDan DerDan viamurdelta murdelta
2851 6d01 390
Reposted fromkellerabteil kellerabteil

February 04 2016

7879 d61d 390
7880 b5ed 390
7882 df9d 390
Reposted byhanse hanse

January 23 2016

2862 e2db 390
2867 28b2 390

December 01 2015


Ever since I am involved into different “IT security” contexts, I regularly stumbled upon Capture the Flag (CTF). CTF is a special kind of information security competitions.


In a CTF, many teams from all over the world compete in interesting challenges against each other. Such challenges cover different information security topics such as reverse engineering, cryptography, binary exploitation, forensics and web security. The goal is to capture flags. Flags are small pieces of information, which are hidden somewhere in the challenge. They often look like this: ctf{this_is_a_flag}.

There are mostly two different kinds of CTF. In the more common Jeopardy ones, teams have to solve challenges given and hosted by the organizers. In the far less common attack-defence ones, teams are given some services by the organizers and need to run (and defend) them on their own infrastructure, while at the same time attacking the services of other teams. I’ll spare you the details, read more about CTF at CTFtime.

Ever since I know that CTF exists, I wanted to participate in one on my own. But I never knew where to start. It needed some teaching assistants of TUGraz’ (very awesome) Security Aspects in Software Development lecture to finally help me jump into the cold water.

So it happened last December that I found myself in a seminar room full of people like me, playing RuCTFE 2014. RuCTFE is one of the earlier mentioned rare attack-defence CTF. I managed to help solving a service. We managed to solve it way too late, but we learned a lot. In the end we collected some flags and made place 62 (out of 115 active teams).


Fast forward to December 2015, about one year later. I got addicted and more or less successfully participated in a few more CTF over the year. I enjoyed most of them and learned a lot.

So what’s next?

All over the year, the group of people participating in our team grew, but changed a lot. From the beginning on, this group of people called themselves LosFuzzys. The group met on a irregular basis to participate in some competitions, but had otherwise no forum or similar setting to discuss challenges & exchange knowledge.

This started to change in the last months, and really got up to speed in the last weeks. Myself and Mike started to better organize LosFuzzys and coordinate our efforts. In addition, we started systematically telling people about our team and organizing meetups.

It was important to me to cover the topics of ethics and ethical hacking (we even have a manifesto!). In addition, it was (and is) very important to me to create a welcoming atmosphere and to welcome everyone interested. This also means kicking out those who don’t respect this values if needed.

The effort of the whole group already bore first fruits, given our November 2015 results:

  • RuCTFe: place 22 out of 140 active teams
  • 9447ctf: place 24 out of 595 active teams

It can be seen that a lot is possible if we focus our efforts and coordinate the team.

It is thus our plan to continue organizing LosFuzzys as a team towards building a student-organized group of people who not only participate in CTF but also meet to exchange knowledge about information security (infosec).

So, if you are interested in the mentioned topics feel free to join us! We welcome all people interested in infosec, regardless of experience or student-status!

Where to start? Check out our homepage at losfuzzys.github.io and visit our December meeting.

November 30 2015

Blogging in English?

Since an increasingly large part of my community / filter bubble is not from the German-speaking parts of the world, I will from now on try to blog in English.

Furthermore, some thoughts in my brain are mostly formed out of English words, due to the nature of my fields of interest, its communities and literature. Thus, blogging in English is not the worst idea.

It’s likely that the “target audience” of some thoughts speaks mostly German, though. So I am going to mix the language of this blog from time to time.

We will see.

(My English is far from perfect, so please bear with me. And feel free to point out any mistakes.)

November 23 2015

5293 6db3 390


November 15 2015

Play fullscreen

Put your faith in what you most believe in …

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!