Schedule
.
Red Teaming CTF (2 days)
A Red Teaming CTF involves a full simulated attack against a network or system, similar to a real-world penetration testing scenario.
Day 0 – Boot Camp 🥾 – Wednesday, September 17, እሮብ, መስከረም 7
| Module 1: Intro to CTF’s & Lab | Module 6: Database Exploitation |
| Module 2: Network Reconnaissance & Scanning | Module 7: Post-Exploitation & Lateral Movement |
| Module 3: Web Server Exploitation Fundamentals | Module 8: Flag Hunting & Reporting |
| Module 4: Windows & Active Directory Fundamentals | Module 9: CTF Simulation & Debrief |
| Module 5: Initial Access & Privilege Escalation on Windows |
Day 1 – Friday, September 19, አርብ, መስከረም 9
| 8:00 AM – 9:00 AM | Registration |
| 9:00 AM – 9:30 AM | Opening & Keynote |
| 9:30 AM – 10:00 AM | Introduction to the CTF Challenge and Rules |
| 10:00 AM | Red Teaming CTF Begins |
| 12:00 PM – 1:00 PM | Lunch Break |
| 5:30 PM – 5:45 PM | Wrap-Up and Preview of Day 2 |
Day 2 – Saturday, September 20, ቅዳሜ, መስከረም 10
| 10:00 AM – 10:15 AM | Day 1 Recap |
| 10:15 AM – 12:00 PM | Red Teaming CTF Continues |
| 12:00 PM – 1:00 PM | Lunch Break |
| 4:00 PM | Red Teaming CTF End |
| 4:15 PM – 4:45 PM | Judging & Evaluation |
| 4:45 PM – 5:30 PM | Awards Ceremony |
| 5:30 PM – 6:00 PM | CTF Review Session – Attack Strategy: Focus will be placed on the attack strategies used and why certain approaches succeeded or failed. Whether or not many teams were successful, this is an opportunity to analyze the challenge from a red team perspective, evaluate different offensive tools and techniques, and discuss what alternative strategies could have been more effective. This session encourages critical thinking around real-world attack methodologies and decision-making under pressure. |
| 6:00 PM – 6:30 PM | Participant Presentation: A participant or team presents their strategy for the attack. They’ll share their thought process, tools used, challenges encountered, and how they adapted during the competition. This peer-led session offers valuable insight into practical tactics and promotes knowledge sharing around red and blue team dynamics in realistic scenarios. |
| 6:30 PM – 6:45 PM | Closing Remarks |
Incident Response CTF (1 day)
An Incident Response CTF involves responding to a cybersecurity incident. Scenarios, logs, network captures, or system images are provided for analysis and remediation proposal.
Day 0 – Boot Camp 🥾 – Thursday, September 18, ሀሙስ, መስከረም 8
| Incident Response Fundamentals | |
| Log Analysis Essentials | |
| Hands-On with Wazuh | |
| Threat Hunting & IOC Identification | |
| Real-World Scenario Walkthrough | |
| IR Reporting and Communication |
Sunday, September 21, እሁድ, መስከረም 11
| 10:00 AM – 10:30 AM | Introduction to the CTF Challenge and Rules |
| 10:30 AM | Incident Response CTF Begins |
| 12:00 PM – 1:00 PM | Lunch Break |
| 4:00 PM | Incident Response CTF End |
| 4:15 PM – 4:45 PM | Judging & Evaluation |
| 4:45 PM – 5:30 PM | Awards Ceremony |
| 5:30 PM – 6:00 PM | Challenge Review Session – IR / Threat Hunting Strategy: We’ll examine the initial clues provided, the types of log data available in the SIEM, and the different investigative paths participants took. We’ll discuss which analysis strategies were effective, where teams got stuck, and what could have been done differently. This is a great opportunity to reflect on real-world investigation workflows, use of detection tools, and the importance of pivoting effectively during threat hunts. |
| 6:00 PM – 6:30 PM | Participant Presentation: A participant or team shares their approach to identifying and investigating the breach. They’ll walk through their investigation process, tools and searches used in the SIEM, key findings, and any obstacles they faced. This session offers valuable peer insight into real-world incident response techniques, encourages discussion on effective log analysis, and highlights lessons learned from the CTF. |
| 6:30 PM – 6:45 PM | Closing Remarks |