echoCTF throughout the years…
With 2017 just around the corner we thought it would be a good idea to introduce one of the projects we've been working on for the past 5 years, echoCTF.
Our CTF competition platform, echoCTF, was initially developed in order to run the CTF competition of AthCon 2012.
Since then, echoCTF has improved and grown immensely as it was utilized on subsequent events.
Keep reading to learn more about the echoCTF project and its history.
2012: AthCon 2012 Information Security Conference (Athens - Greece)
The initial implementation included defense and attack capabilities, findings and treasures, custom reports, visual representations of network traffic, scoreboard and an activity stream.
This acted as a proof of concept implementation for future hackathons. The total number of participants was about 30 and the competition lasted for 2 days. Sponsored prizes included licenses for security tools, like Metasploit Pro.
The feedback received from all participants was incredible and it was the fuel that pushed echoCTF development further.
2014: du Cyber Security Conference 2014 (Dubai - UAE)
On the 1st du Hackathon event in 2014, it was the first time echoCTF included a model city in order to demonstrate impact of IT Security in critical infrastructure.
The applications developed during the AthCon 2012 were greatly improved to include new technologies (thanks to OpenBSD). The applications acquired an official project repository, automatic deployment scripts (even though based on BSD Make). In this second iteration of echoCTF, the first signs of individual daemons to handle the required tasks were shown (mysql based arp cache, raw tcpdump processing by the database, vxlan interconnected targets and much much more became a fact).
2016: du Cyber Security Conference 2016 (Dubai - UAE)
The increased participation attracted by the 2nd du Hackathon meant that we had to improve the platform even further (throughput, user interfaces, scenarios etc). Especially the model city, which got greatly improved in terms of visual appearance and enriched with more scenarios. The winning team was awarded with AED 20,000 and every team got a certificate of participation.
2017: MENA Information Security Conference 2017 (Riyadh - KSA)
The MENA ISC Hackathon, held in 2017, was even larger and was calling for the most amazing implementation of echoCTF we had performed so far.
Fourteen teams competed for the 1st, 2nd and 3rd place. echoCTF included 60 target servers in total, of which 20 targets were actually hackable PLCs embedded in a model city to provide smart functionality for the city infrastructure and visualization of impacts when such infrastructure is successfully attacked.
2018: Stay tuned
Every event brings new and exciting challenges along with valuable feedback from everyone involved, be it participants, organizers or event sponsors.
More interesting and dazzling implementations of echoCTF are in the works, stay tuned and Happy New Year.