神刀安全网

You Can Now Play Capture the Flag Through Facebook

Facebook is releasing an open source version of its online capture the flag gaming platform, the company said Wednesday.

Capture the flag, or CTF as the game is often called, is a trendy kind of cybersecurity competition that pits different teams of hackers against one another. The goal is to rack up as many points as possible by completing challenges and solving puzzles.

The game is a popular way to train people interested in computer security.

Get Data Sheet , Fortune ’s technology newsletter.

“Anybody will be able to run their own CTF competition—schools, universities, conferences,” said Javier Marcos, a Facebook fb security engineer who developed the first version of the software as a pet project in 2013. Its elements include a digital game map, registration page, and scoreboard. “We have everything required for all these different events and institutions to run their own competitions.”

Facebook has used the program to power hundreds of competitions so far, the company said, including the recent Cambridge 2 Cambridge Hackathon, a college-level cybersecurity competition hosted this year at the Massachusetts Institute of Technology. The company has also worked with r00tz Asylum, an annual cybersecurity conference in Las Vegas for kids, as well as the Girl Scouts of America.

For more on games, watch:

Marcos said the Facebook security team was inspired to release the platform as an open source tool after its success releasing an open source version of another program, osquery , in 2014. That software allows tech pros to ping and probe machines that are part of an organization’s computing infrastructure, enabling people to run diagnostics or troubleshoot IT issues.

Marcos said he hopes the capture the flag tool will be used to boost students’ education in STEM fields (meaning science, technology, engineering, and mathematics). One of his friends, a high school teacher, is already experimenting with it as a platform for exams, he said.

You can view a demo of the program in action here:

Facebook CTF ► jQuery(document).on( "ready post-load", function() {if ( !jQuery.VideoPress.data["G39aq9zj"] ) { jQuery.VideoPress.data["G39aq9zj"] = new Array(); } jQuery.VideoPress.data["G39aq9zj"][2]={"blog":64089429,"post":1654262,"duration":114,"poster":"http:////i2.wp.com//videos.videopress.com//G39aq9zj//video-10-05-2016-11-41-39_hd.original.jpg","mp4":{"size":"std","uri":"http:////videos.videopress.com//G39aq9zj//video-10-05-2016-11-41-39_std.mp4"},"ogv":{"size":"std","uri":"http:////videos.videopress.com//G39aq9zj//video-10-05-2016-11-41-39_fmt1.ogv"},"locale":{"dir":"ltr","lang":"en"}}; jQuery("#v-G39aq9zj-2-placeholder").show(0,function(){jQuery.VideoPress.analytics.impression( "G39aq9zj" )}); if ( jQuery.VideoPress.video.prepare( "G39aq9zj", {width:400,height:224,container:jQuery("#v-G39aq9zj-2")}, 2 ) ) { jQuery("#v-G39aq9zj-2-placeholder").one("click",function(){jQuery.VideoPress.video.play(jQuery("#v-G39aq9zj-2"))});}}); JavaScript required to play Facebook CTF.

Facebook is releasing two versions of the software. The first, development mode, boots up a virtual machine on users’ computers and lets them play around with the code, customize features (like changing the default world map game board to something else), or look for computer bugs in the software. (People can report any vulnerabilities they might find here .)

The second version, production mode, lets people create a full-blown capture the flag game on a computer server and host a competition. The free tier of Amazon amzn Web Services enables 20 to 30 people to play for about 24 hours, Marcos said.

Gulshan Singh, another Facebook security engineer who works on the capture the flag project as well asThreatExchange, the company’s threat sharing network, said that competing in capture the flag challenges in college helped him eventually to land a gig on Facebook’s security team.

“Not only do CTFs have the ability to teach more technical skills than you’ll get in an average computer science program, they can also help you break into the security industry,” Singh wrote in a blog post announcing the news. “When I started looking for full-time positions, I found security job interviews to be a lot like CTF challenges, which made it easier for me to demonstrate my technical skills—and I was able to make an impact from day one.”

“We can use the power of open source as a teaching mechanism for secure coding practices,” Marcos said.

You can check out the GitHub page for the capture the flag software here .

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » You Can Now Play Capture the Flag Through Facebook

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址