The Diana Initiative 2021

Capture The Flag (CTF) is a staple at cybersecurity conferences and an effective way to teach practical skills. At the beginner levels, publicly available CTFs tend to have challenges that are mostly unrelated to each other, which may not represent real-life attack scenarios and provide less value in raising your team's security awareness. In this talk, we will tell our story of building an in-house, jeopardy-style CTF that recreates a realistic adversarial attack chain and is 100% customized to the way our Red team and business partners do things using our actual TTPs (Tactics, Techniques, and Procedures). We put our CTF attendees into the shoes of attackers who already have some basic access and now try to perform internal recon, webapp code review, build pipeline compromises, and Active Directory lateral movements and attacks. We will discuss what the intended attack chain looks like, the infrastructure setup, the making of challenges, and things to watch out for. This talk aims to share our learnings and perspectives with other security professionals who are passionate about cybersecurity education and want to include CTFs as part of the security training experience for their organizations.