Contact
SYS_TIME [ 00 00 00 ]

Agenda & Workshops

Back to Workshop Overview


Event Agenda

SessionFocus
01Recon & Web Proxies — discovery, disclosure, endpoint mapping
02Access Control — sessions, privilege bypasses, access checks
03Injection Attacks — SQL injection, command injection, SSTI
04Broken Authentication — brute force, reset flows, token handling
05API Exploitation & File Attacks — upload abuse, LFI/RFI, API logic flaws
FINALELive ACM/Cyber-Tech CTF 2.0 main event

Preparation Workshops (5 Days)

!!! info "Note" I gave 3 of these 5 preparation workshops myself — I did not take them as a participant. I wrote the content and hands-on labs for Days 2–4 and presented them live to attendees.

DayTopicAuthor & PresenterLab
1Recon & Web ProxiesGhaida Abdulaziz AldriweeshCapture traffic and uncover hidden endpoints
2Access ControlShoug Alomran (me)IDOR and parameter tampering challenge
3Injection AttacksShoug Alomran (me)Exploit SQLi to extract lab data
4Broken AuthenticationShoug Alomran (me)Reset-token brute force and session proof
5API Exploitation & File AttacksSultan AlharbiAPI challenge and local-file read exploit

Live In-Person Recap Workshop

On top of the 5-day online series, we also hosted a 1-day, in-person recap workshop (about 3 hours) covering everything from the 5 days. I presented this session myself. It isn't listed on the official CTF website — it's noted here only.