CyberChallenge.IT Cybersecurity training


The UniPD Node of the CINI Cybersecurity National Lab and the SPRITZ Security and Privacy Research Group are organizing the CyberChallenge.IT 2022 at the University of Padua! This is a program aimed at training in cybersecurity the best Italian students that are between 16 and 24 years old. CyberChallenge.IT is a program sponsored by the CINI Cybersecurity National Lab in collaboration with the National Cybersecurity Research Committee.
If you are young, have good programming knowledge, and want to further improve your skills, check out the official website of the event for more details: CyberChallenge.IT

Local Organizers

Lectures program

26/02/2024Intro: General introduction to CyberChallenge.IT & CTFs (Mirco Borella)16.00-19.00 in LabP55, Complesso Paolotti
29/02/2024Network: Network and Docker basics (Dante Geretto)16.00-19.00 in LabP55, Complesso Paolotti
04/03/2024Network: Network Security and Traffic Analysis using Wireshark (Bogdan Bejan)16.00-19.00 in LabP55, Complesso Paolotti
07/03/2024Network: Attack & Defense: A network security case study (Augusto Zanellato)16.00-19.00 in 1BC45, Torre Archimede
11/03/2024Crypto: Introduction to Symmetric key cryptography Encodings, substitution ciphers, xor and Vernam cipher (OTP), perfect secrecy, attacks on key reuse (Leonardo Bilato)16.00-19.00 in LabP55, Complesso Paolotti
14/03/2024Crypto: Block ciphers, Definition, interpretation as a substitution cipher, modes of operation, attacks (on modes of operation and Meet In The Middle on DES) (Leonardo Bilato)16.00-19.00 in LabP55, Complesso Paolotti
18/03/2024Crypto: Stream ciphers, (conclusion of lec 2: padding oracle attack on CBC), stream ciphers definition, examples and importance of the nonce (Leonardo Bilato)16.00-19.00 in LabP55, Complesso Paolotti
21/03/2024Crypto: Public key cryptography: Key exchange, Basics of Number Theory: GCD, XGCD, modular arithmetic, CRT. Diffie-Hellman key exchange, Man In The Middle [maybe a bit of algebra and Pohlig-Hellman attack on DLOGs] (Gioele Scandaletti)16.00-19.00 in LabP55, Complesso Paolotti
25/03/2024Crypto: RSA, Definition, proof of correctness (and another bit of algebra), RSA-CRT, attacks on textbook RSA (Gioele Scandaletti)16.00-19.00 in LabP55, Complesso Paolotti
28/03/2024Crypto: Hashes and MACs, (conclusion of lec 5: more attacks on textbook RSA), hash functions and cryptographic hash functions, Merkle-Dämgard construction (length extension attack) vs sponge construction, Message Authentication Codes (Gioele Scandaletti, Riccardo Bonavigo)16.00-19.00 in LabP55, Complesso Paolotti
04/04/2024Crypto: Digital signatures, DSA, RSA, attacks (Riccardo Bonavigo)16.00-19.00 in LabP55, Complesso Paolotti
08/04/2024Crypto: Random Number Generators, Cryptographically secure PRNGs, examples of crypto secure and non-crypto secure PRNGS, attacks on non cryptographically suitable PRNGs (Riccardo Bonavigo)16.00-19.00 in LabP55, Complesso Paolotti
10/04/2024Advanced Crypto: Lattices for cryptanalisys, Recap of linear algebra, lattice definition, hard problems on lattices, lattice reduction algorithms (LLL, BKZ, flatter) and an example of usage in CTFs [optional, not CC relevant, in a random day] (Francesco Felet)16.00-19.00 in 1BC50, Torre Archimede
11/04/2024Web: HTTP Protocol and Web-Security Overview + Server-Side Request Forgery (Matteo Bazzan)16.00-19.00 in LabP55, Complesso Paolotti
15/04/2024Web: File Disclosure + Logic Vulnerabilities (Matteo Bazzan)16.00-19.00 in LabP55, Complesso Paolotti
17/04/2024Web: Code and Commands Injection (Leonardo Costa)16.00-19.00 in 2AB40, Torre Archimede
18/04/2024Web: SQL Injection (Leonardo Costa)16.00-19.00 in LabP55, Complesso Paolotti
22/04/2024Web: Cross Site Scripting (XSS) (Alessandro Mizzaro)16.00-19.00 in LabP55, Complesso Paolotti
24/04/2024Web: XSS + XXE (Alessandro Mizzaro)16.00-19.00 in 1BC50, Torre Archimede
29/04/2024Software: Introduction: assembly, executable formats (Samuele Esposito)16.00-19.00 in LabP55, Complesso Paolotti
02/05/2024Software: Reverse engineering and main tools (Samuele Esposito)16.00-19.00 in LabP55, Complesso Paolotti
06/05/2024Software: Debugging, buffer overflow (Samuele Esposito)16.00-19.00 in LabP55, Complesso Paolotti
09/05/2024Software: Calling convention, advanced buffer overflow (Stefano Zanovello)16.00-19.00 in LabP55, Complesso Paolotti
13/05/2024Software: Shellcode injection (Stefano Zanovello)16.00-19.00 in LabP55, Complesso Paolotti
16/05/2024Software: Format string vulnerabilities (Stefano Zanovello)16.00-19.00 in LabP55, Complesso Paolotti
20/05/2024Software: Dynamic linking, return-to-libc (Augusto Zanellato)16.00-19.00 in LabP55, Complesso Paolotti
23/05/2024Software: Return Oriented Programming (Augusto Zanellato)16.00-19.00 in LabP55, Complesso Paolotti
27/05/2024A/D Preparation (Augusto Zanellato)16.00-19.00 in LabP55, Complesso Paolotti
29/05/2024Gara locale

CyberChallenge 2018: the UniPD team got the first national prize!

On the news: Il Bo Live UniPD