GEC NEWS WIRESecureLink and Security Innovation organized a gamified ethical hacking workshop called CodeBreakers. The day long CMD+Control challenge was attended by 12 participants who tested their hacking skills. The hackathon comprised of a vulnerable website where players could immerse themselves in a “find the vulnerabilities” game and apply hacking techniques in a sand boxed environment, thus earning points for each vulnerability exploited.
Reghu Mohandas, Director – Risk Analytics & Advisory, SecureLink said, “What this workshop offered participants, is the opportunity to actually engage in an attack. Most security professionals only have experience in protecting their assets by implementing technology or conducting compliance related activities. This was a chance to get hands-on experience on hacking into a simulated banking website, learning about vulnerabilities, attack methods and how to conduct an attack. Everyone got a chance to learn something new and the live scoreboard made it even more exciting.”
The CMD+CTRL Hackathon comprises of three vulnerable Web sites (Shred Retail, Shadow Bank, and Account All HR) that included functionalities you would expect to find in e-commerce, banking, and HR websites. With more than 150 vulnerabilities, challenges ranged from common vulnerabilities such as SQL Injection and Cross-Site Scripting to more advanced cryptanalysis and cipher cracking tests. Each challenge had a point value and discovered vulnerabilities which were automatically updated on a live scoreboard. For this event only the shadow bank website was used.
