-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.html
165 lines (153 loc) · 10.6 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>PETIR</title>
<link
rel="stylesheet"
href="https://cdn.jsdelivr.net/npm/@picocss/pico@2/css/pico.min.css"
>
<link
rel="stylesheet"
href="https://cdn.jsdelivr.net/npm/@picocss/pico@2/css/pico.colors.min.css"
>
<link
rel="stylesheet"
href="styles.css"
>
</head>
<body>
<nav class="container">
<ul>
<li><a href="#intro" class="bold pico-color-slate-900">PETIR</a></li>
</ul>
<ul>
<li><a href="#about" class="secondary pico-color-slate-500">About</a></li>
<li><a href="#streams" class="secondary pico-color-slate-500">Streams</a></li>
<li><a href="#achievements" class="secondary pico-color-slate-500">Achievements</a></li>
</ul>
</nav>
<main class="container">
<section id="intro" class="intro">
<h1 class="intro-title">PE<img class="inline-logo" src="assets/petir-logo.png">TIR</h1>
<a href="#about" role="button" class="pico-background-pumpkin-300">Learn more</a>
</section>
<section id="about">
<h2>About</h2>
<p>We are a well-versed shadow community of competitive students under the Cyber security Program in BINUS University</p>
<p>What we do, in essence:</p>
<ol>
<li>We strive for competitive achievements in every Cyber Security domain.</li>
<li>We collaborate with institutions to produce well-designed CTF challenges.</li>
<li>We encompass a hive-minded culture: new knowledge for one is new knowledge for all.</li>
</ol>
</section>
<section id="streams">
<h2>Streams in Petir Cyber Security</h2>
<p>Capture the Flag (CTF) in cybersecurity is a type of competition where participants engage in various challenges related to computer security. These competitions simulate real-world security scenarios and require participants to use their knowledge and skills to solve problems, exploit vulnerabilities, and capture "flags"—hidden pieces of data that serve as proof of a successful exploit or solution.</p>
<p>There are 6 streamings in PETIR: Web Exploitation, Binary Exploitation, Reverse Engineering, Forensics, Cryptography and Blockchain.</p>
<section class="inner-section">
<h3>Web Exploitation</h3>
<img class="stream-img" src="assets/web-exploit.webp"/>
<p>Web exploitation revolves around identifying and exploiting security weaknesses in web applications. This often involves manipulating input fields to cause unintended behavior, such as using SQL Injection to gain unauthorized access to databases, or Cross-Site Scripting (XSS) to inject malicious scripts into web pages viewed by other users. Techniques like Cross-Site Request Forgery (CSRF) can trick users into performing actions they did not intend, while Command Injection allows for the execution of arbitrary commands on a server. Mastery in this area requires a solid understanding of web technologies, including how web servers, browsers, and application frameworks interact, as well as proficiency in programming languages commonly used in web development like JavaScript, PHP, and Python.</p>
<h3>Binary Exploitation</h3>
<img class="stream-img" src="assets/bin-exploit.webp"/>
<p>Binary exploitation involves finding and taking advantage of vulnerabilities in compiled programs to execute arbitrary code or gain unauthorized access. Common techniques include Buffer Overflow, where attackers overwrite a program’s memory to alter its execution flow, and Format String Vulnerabilities, which involve manipulating format specifiers to access or modify memory. Return-Oriented Programming (ROP) is another advanced technique where attackers use existing code snippets within a program's memory to execute malicious payloads. This stream requires a deep understanding of low-level programming concepts, assembly language, and security mechanisms like stack canaries and Address Space Layout Randomization (ASLR), alongside experience with tools for analyzing and manipulating binaries.</p>
<h3>Reverse Engineering</h3>
<img class="stream-img" src="assets/reverse-engineer.webp"/>
<p>Reverse engineering focuses on deconstructing compiled software to understand its functionality or discover vulnerabilities. This process often involves disassembly, where binary code is translated into assembly language to analyze the program’s behavior. Debugging tools allow for stepping through code execution to inspect and manipulate program states, while decompilation tools convert binary code into higher-level programming languages for easier comprehension. Success in this area requires familiarity with assembly language, debugging tools such as GDB, and decompilation tools like IDA Pro or Ghidra, as well as a keen ability to understand and reconstruct the logic of compiled applications.</p>
<h3>Cryptography</h3>
<img class="stream-img" src="assets/crypto.webp"/>
<p>Cryptography deals with the principles and practices of secure communication and data protection. In CTF challenges, this often means breaking cryptographic algorithms or protocols by finding weaknesses in their design or implementation. Cryptanalysis involves applying mathematical techniques to decipher encrypted messages or undermine cryptographic methods. Participants might also face tasks related to implementing secure cryptographic systems correctly. This stream demands a strong grasp of cryptographic theories and algorithms, such as AES and RSA, and a thorough understanding of how these methods are applied to protect data in various contexts.</p>
<h3>Forensics</h3>
<img class="stream-img" src="assets/forensic.webp"/>
<p>Forensics involves the investigation and analysis of digital evidence to uncover and understand what happened in a given scenario. In Capture the Flag (CTF) challenges, forensics tasks often require participants to examine and interpret data from various sources, such as disk images, memory dumps, and log files. The goal is to reconstruct events, identify malicious activity, and extract hidden or deleted information.</p>
<h3>Blockchain</h3>
<p>Blockchain in Capture the Flag (CTF) challenges involves the exploration and analysis of decentralized ledger technologies to uncover hidden information and solve complex problems. Participants are often tasked with examining blockchain transactions, smart contracts, and cryptographic signatures to understand and exploit vulnerabilities or extract specific data. The goal is to simulate real-world scenarios where blockchain security is tested, helping participants develop skills in identifying weaknesses, verifying the integrity of transactions, and ensuring the robustness of blockchain implementations.</p> </p>
</section>
</section>
<section id="achievements">
<h2>Achievements</h2>
<section class="xtra-mb">
<h3>Competitions</h3>
<table>
<thead>
<tr>
<th scope="col">Competition</th>
<th scope="col">Year</th>
<th scope="col">Rank</th>
</tr>
</thead>
<tbody>
<tr>
<th scope="row">WRECK-IT 4.0</th>
<td>April 2023, Politeknik SSN</td>
<td>3rd Place</td>
</tr>
<tr>
<th scope="row">Find-IT CTF</th>
<td>May 2023</td>
<td>2nd Place</td>
</tr>
<tr>
<th scope="row">Joints UGM CTF</th>
<td>May 2023</td>
<td>1st Place</td>
</tr>
<tr>
<th scope="row">Blackhat MEA</th>
<td>2022</td>
<td>12th World Rank</td>
</tr>
<tr>
<th scope="row">CodeGate CTF Korea</th>
<td>2023</td>
<td>6th World Junior Rank</td>
</tr>
<tr>
<td colspan="3">and 11 more competitions (winning all of them)</td>
</tr>
</tbody>
</table>
<div class="grid-wrapper">
<div class="grid">
<img src="assets/hology.jpeg"/>
<img src="assets/blackhatmea.jpeg"/>
<img src="assets/slashroot.jpeg"/>
</div>
<div class="grid">
<img src="assets/netcomp.jpeg"/>
</div>
</div>
</section>
<section>
<h3>Conferences</h3>
<h4>Blackhat</h4>
<p>Participations in Blackhat Asia & Middle East - Africa (2020 - 2024)</p>
<div class="grid-wrapper">
<div class="grid">
<img src="assets/blackhatmea.jpeg"/>
<img src="assets/blackhatasia2023.jpeg"/>
<img src="assets/blackhatasia2024.jpeg"/>
</div>
</div>
</section>
</section>
</main>
<footer class="container">
<ul>
<li>
<a href="https://id.linkedin.com/company/petircysec" target="_blank">
<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 24 24"><path fill="currentColor" d="M19 3a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2zm-.5 15.5v-5.3a3.26 3.26 0 0 0-3.26-3.26c-.85 0-1.84.52-2.32 1.3v-1.11h-2.79v8.37h2.79v-4.93c0-.77.62-1.4 1.39-1.4a1.4 1.4 0 0 1 1.4 1.4v4.93zM6.88 8.56a1.68 1.68 0 0 0 1.68-1.68c0-.93-.75-1.69-1.68-1.69a1.69 1.69 0 0 0-1.69 1.69c0 .93.76 1.68 1.69 1.68m1.39 9.94v-8.37H5.5v8.37z"/></svg>
</a>
</li>
<li>
<a href="https://github.com/PETIRsec" target="_blank">
<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 24 24"><path fill="currentColor" d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5c.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34c-.46-1.16-1.11-1.47-1.11-1.47c-.91-.62.07-.6.07-.6c1 .07 1.53 1.03 1.53 1.03c.87 1.52 2.34 1.07 2.91.83c.09-.65.35-1.09.63-1.34c-2.22-.25-4.55-1.11-4.55-4.92c0-1.11.38-2 1.03-2.71c-.1-.25-.45-1.29.1-2.64c0 0 .84-.27 2.75 1.02c.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02c.55 1.35.2 2.39.1 2.64c.65.71 1.03 1.6 1.03 2.71c0 3.82-2.34 4.66-4.57 4.91c.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg>
</a>
</li>
</ul>
</footer>
</body>
</html>