Brought to you by
Your quest begins here! Hone your hacking skills and put them to the test.
The Keep is a community where you can develop your hacking skills. Have you ever wanted to come to a conference, hack a machine, and walk away feeling like you own the world? Yeah, you can do that here.
Everything you need to know…
Our goal is to provide a fun and educational environment where you can both learn how hacking works and test your abilities in a realistic environment. Whether you are a beginner or an expert hacker, there are opportunities for you to learn new things and challenge yourself.
There are two parts to our community. The Exploit Armory and the Dungeon.
— The Exploit Armory —
Come and learn to exploit various services. Have you heard about Text4Shell, Log4J, Shellshock, or any of the other big name vulnerabilities? This is the section of The Keep where you can arm yourself with new tools and techniques.
You will learn how various vulnerabilities work, how to exploit them, and what to do once you’ve gotten a shell.
— The Dungeon —
Come and fight in The Dungeon! Take the tools you learned in the armory and prove your skill against other players by exploiting vulnerable boxes. Each box you successfully hack will earn you points on the leaderboard. As you descend deeper into the dungeon, the challenges will get harder, but more rewarding.
You will face different scenarios that simulate real-world attacks. You will need to use your creativity, persistence, and offensive skills to hack into these boxes. Some of the machines will be on different subnets or networks that are not directly reachable from your machine. You will need to use pivoting techniques to route your traffic through another compromised box on the same network. This adds an extra layer of challenge and realism.
What should I bring?
For the best experience you should bring a laptop when visiting The Keep.
Hours of Operation
Expo Closed Monday
10:30a – 5:00p
10:30a – 5:00p
9:00a – 5:00p
9:00a – 11:00a
What you Learn
- Network & Host Enumeration. You’ll learn how to use NMAP like the best of them
- How to use existing exploits to compromise a host. Tools like searchsploit (exploit-db.com), searching github for PoCs, looking up CVEs, etc
- Privilege escalation techniques on windows & linux
- Useful looting tools & guidance after having compromised a host
- How to pivot from one host to internal hosts
Details are still being worked out, but to collect our MiniBadge, come visit our booth for more details on how get this cool MiniBadge.