The UniPD Node of the CINI Cybersecurity National Lab and the SPRITZ Security and Privacy Research Group are organizing the CyberChallenge.IT 2022 at the University of Padua! This is a program aimed at training in cybersecurity the best Italian students that are between 16 and 24 years old. CyberChallenge.IT is a program sponsored by the CINI Cybersecurity National Lab in collaboration with the National Cybersecurity Research Committee.
If you are young, have good programming knowledge, and want to further improve your skills, check out the official website of the event for more details: CyberChallenge.IT
26/02/2024 | Intro: General introduction to CyberChallenge.IT & CTFs (Mirco Borella) | 16.00-19.00 in LabP55, Complesso Paolotti |
29/02/2024 | Network: Network and Docker basics (Dante Geretto) | 16.00-19.00 in LabP55, Complesso Paolotti |
04/03/2024 | Network: Network Security and Traffic Analysis using Wireshark (Bogdan Bejan) | 16.00-19.00 in LabP55, Complesso Paolotti |
07/03/2024 | Network: Attack & Defense: A network security case study (Augusto Zanellato) | 16.00-19.00 in 1BC45, Torre Archimede |
11/03/2024 | Crypto: Introduction to Symmetric key cryptography Encodings, substitution ciphers, xor and Vernam cipher (OTP), perfect secrecy, attacks on key reuse (Leonardo Bilato) | 16.00-19.00 in LabP55, Complesso Paolotti |
14/03/2024 | Crypto: Block ciphers, Definition, interpretation as a substitution cipher, modes of operation, attacks (on modes of operation and Meet In The Middle on DES) (Leonardo Bilato) | 16.00-19.00 in LabP55, Complesso Paolotti |
18/03/2024 | Crypto: Stream ciphers, (conclusion of lec 2: padding oracle attack on CBC), stream ciphers definition, examples and importance of the nonce (Leonardo Bilato) | 16.00-19.00 in LabP55, Complesso Paolotti |
21/03/2024 | Crypto: Public key cryptography: Key exchange, Basics of Number Theory: GCD, XGCD, modular arithmetic, CRT. Diffie-Hellman key exchange, Man In The Middle [maybe a bit of algebra and Pohlig-Hellman attack on DLOGs] (Gioele Scandaletti) | 16.00-19.00 in LabP55, Complesso Paolotti |
25/03/2024 | Crypto: RSA, Definition, proof of correctness (and another bit of algebra), RSA-CRT, attacks on textbook RSA (Gioele Scandaletti) | 16.00-19.00 in LabP55, Complesso Paolotti |
28/03/2024 | Crypto: Hashes and MACs, (conclusion of lec 5: more attacks on textbook RSA), hash functions and cryptographic hash functions, Merkle-Dämgard construction (length extension attack) vs sponge construction, Message Authentication Codes (Gioele Scandaletti, Riccardo Bonavigo) | 16.00-19.00 in LabP55, Complesso Paolotti |
04/04/2024 | Crypto: Digital signatures, DSA, RSA, attacks (Riccardo Bonavigo) | 16.00-19.00 in LabP55, Complesso Paolotti |
08/04/2024 | Crypto: Random Number Generators, Cryptographically secure PRNGs, examples of crypto secure and non-crypto secure PRNGS, attacks on non cryptographically suitable PRNGs (Riccardo Bonavigo) | 16.00-19.00 in LabP55, Complesso Paolotti |
10/04/2024 | Advanced Crypto: Lattices for cryptanalisys, Recap of linear algebra, lattice definition, hard problems on lattices, lattice reduction algorithms (LLL, BKZ, flatter) and an example of usage in CTFs [optional, not CC relevant, in a random day] (Francesco Felet) | 16.00-19.00 in 1BC50, Torre Archimede |
11/04/2024 | Web: HTTP Protocol and Web-Security Overview + Server-Side Request Forgery (Matteo Bazzan) | 16.00-19.00 in LabP55, Complesso Paolotti |
15/04/2024 | Web: File Disclosure + Logic Vulnerabilities (Matteo Bazzan) | 16.00-19.00 in LabP55, Complesso Paolotti |
17/04/2024 | Web: Code and Commands Injection (Leonardo Costa) | 16.00-19.00 in 2AB40, Torre Archimede |
18/04/2024 | Web: SQL Injection (Leonardo Costa) | 16.00-19.00 in LabP55, Complesso Paolotti |
22/04/2024 | Web: Cross Site Scripting (XSS) (Alessandro Mizzaro) | 16.00-19.00 in LabP55, Complesso Paolotti |
24/04/2024 | Web: XSS + XXE (Alessandro Mizzaro) | 16.00-19.00 in 1BC50, Torre Archimede |
29/04/2024 | Software: Introduction: assembly, executable formats (Samuele Esposito) | 16.00-19.00 in LabP55, Complesso Paolotti |
02/05/2024 | Software: Reverse engineering and main tools (Samuele Esposito) | 16.00-19.00 in LabP55, Complesso Paolotti |
06/05/2024 | Software: Debugging, buffer overflow (Samuele Esposito) | 16.00-19.00 in LabP55, Complesso Paolotti |
09/05/2024 | Software: Calling convention, advanced buffer overflow (Stefano Zanovello) | 16.00-19.00 in LabP55, Complesso Paolotti |
13/05/2024 | Software: Shellcode injection (Stefano Zanovello) | 16.00-19.00 in LabP55, Complesso Paolotti |
16/05/2024 | Software: Format string vulnerabilities (Stefano Zanovello) | 16.00-19.00 in LabP55, Complesso Paolotti |
20/05/2024 | Software: Dynamic linking, return-to-libc (Augusto Zanellato) | 16.00-19.00 in LabP55, Complesso Paolotti |
23/05/2024 | Software: Return Oriented Programming (Augusto Zanellato) | 16.00-19.00 in LabP55, Complesso Paolotti |
27/05/2024 | A/D Preparation (Augusto Zanellato) | 16.00-19.00 in LabP55, Complesso Paolotti |
29/05/2024 | Gara locale |
On the news: Il Bo Live UniPD