The Flag Relay is our opensource web application, allowing for the accessibility to challenges and boxes created by members of the Top Secret Avengers, and other local contributors at Robert Morris University. Our server acts as a centralized system to track the points and activity of RMU students, and allows for the assist in on-going challenges, via hints and resources.
The Top Secret Avengers creates an engaging experience by simulating mock scenarios of cybersecurity challenges, from using singular files to life-like machines.
Challenges/Boxes are created in a range of difficulties, applying from beginner to advanced skills that are expected of cybersecurity specialists to be able to apply in a real work situation. This allows students to gain comfortability, confidence, and knowledge with using their operating system, common software, and applying methods of attack and vulnerability assessment.
Students are encouraged to either work individually or together. By participating in cybersecurity challenges, students can achieve professional development and gain the ability to be competitive among many candidates.
We aim for a large diversity of different scenarios to match the large variety of different machines/systems an entry level analyst might encounter in the real world. If you are interested to excel in cybersecurity, software development, blue team, or red team, we are always looking for individuals to help provide us with boxes or challenges, which in return will help others.
If you are interested, please check out our Discord so you can chat, mention suggestions, or submit your work.
Being a new participant in cybersecurity challenges and CTFs, might mean you will be working with a lot of unfamiliar environments and software's. If you are a beginner, we advise you look at the following resources and recommendations.
Hypervisor, VirtualBox (https://www.virtualbox.org/)
It is not entirely recommended to always work in an environment that is your personal space. With using a hypervisor such as VirtualBox, you can emulate sandboxes which gives you a contained and safe place to do your work.
Operating System, Kali Linux (https://www.kali.org/)
Kali Linux is a Linux distribution made specifically for penetration testers, and cybersecurity enthusiasts. We recommend you use a hypervisor to run Kali Linux, or another Linux distribution of your choice. These operating systems contain practically all of the essentials you will need when facing these challenges. Similar great Linux distributions for penetration testing include Parrot OS, and Black Arch.
Note Taking, Cherry Tree (https://github.com/giuspen/cherrytree)
It is important you take notes on an educational journey, especially in a field like cyber where it is almost like a firehose of information. It is advised you take notes on the steps you take for going at machines, as many of the steps can be appliable to other scenarios and will help if you face a wall. They are also great memory refreshers and will help develop your subconscious check list of important highlights to check on a system. Notes are also great for cheat sheets and organizing information when on an active red team operation. Cherry Tree is a simple notetaking application found preinstalled on Kali Linux. Paper notes, online notes, or whatever works best for you is the most optimal.