Schedule

Red Teaming CTF (2 days)

A Red Teaming CTF involves a full simulated attack against a network or system, similar to a real-world penetration testing scenario.

Day 0 – Boot Camp 🥾 – Wednesday, September 17, እሮብ, መስከረም 7

Module 1: Intro to CTF’s & LabModule 6: Database Exploitation
Module 2: Network Reconnaissance & ScanningModule 7: Post-Exploitation & Lateral Movement
Module 3: Web Server Exploitation FundamentalsModule 8: Flag Hunting & Reporting
Module 4: Windows & Active Directory FundamentalsModule 9: CTF Simulation & Debrief
Module 5: Initial Access & Privilege Escalation on Windows

Day 1 – Friday, September 19, አርብ, መስከረም 9

8:00 AM – 9:00 AMRegistration
9:00 AM – 9:30 AMOpening & Keynote
9:30 AM – 10:00 AMIntroduction to the CTF Challenge and Rules
10:00 AMRed Teaming CTF Begins
12:00 PM – 1:00 PMLunch Break
5:30 PM – 5:45 PMWrap-Up and Preview of Day 2

Day 2 – Saturday, September 20, ቅዳሜ, መስከረም 10

10:00 AM – 10:15 AMDay 1 Recap
10:15 AM – 12:00 PMRed Teaming CTF Continues
12:00 PM – 1:00 PMLunch Break
4:00 PMRed Teaming CTF End
4:15 PM – 4:45 PMJudging & Evaluation
4:45 PM – 5:30 PMAwards Ceremony
5:30 PM – 6:00 PMCTF Review Session – Attack Strategy:
Focus will be placed on the attack strategies used and why certain approaches succeeded or failed. Whether or not many teams were successful, this is an opportunity to analyze the challenge from a red team perspective, evaluate different offensive tools and techniques, and discuss what alternative strategies could have been more effective. This session encourages critical thinking around real-world attack methodologies and decision-making under pressure.
6:00 PM – 6:30 PMParticipant Presentation:
A participant or team presents their strategy for the attack. They’ll share their thought process, tools used, challenges encountered, and how they adapted during the competition. This peer-led session offers valuable insight into practical tactics and promotes knowledge sharing around red and blue team dynamics in realistic scenarios.
6:30 PM – 6:45 PMClosing Remarks

Incident Response CTF (1 day)

An Incident Response CTF involves responding to a cybersecurity incident. Scenarios, logs, network captures, or system images are provided for analysis and remediation proposal.

Day 0 – Boot Camp 🥾 – Thursday, September 18, ሀሙስ, መስከረም 8

Incident Response Fundamentals
Log Analysis Essentials
Hands-On with Wazuh
Threat Hunting & IOC Identification
Real-World Scenario Walkthrough
IR Reporting and Communication

Sunday, September 21, እሁድ, መስከረም 11

10:00 AM – 10:30 AMIntroduction to the CTF Challenge and Rules
10:30 AMIncident Response CTF Begins
12:00 PM – 1:00 PMLunch Break
4:00 PMIncident Response CTF End
4:15 PM – 4:45 PMJudging & Evaluation
4:45 PM – 5:30 PMAwards Ceremony
5:30 PM – 6:00 PMChallenge Review Session – IR / Threat Hunting Strategy:
We’ll examine the initial clues provided, the types of log data available in the SIEM, and the different investigative paths participants took. We’ll discuss which analysis strategies were effective, where teams got stuck, and what could have been done differently. This is a great opportunity to reflect on real-world investigation workflows, use of detection tools, and the importance of pivoting effectively during threat hunts.
6:00 PM – 6:30 PMParticipant Presentation:
A participant or team shares their approach to identifying and investigating the breach. They’ll walk through their investigation process, tools and searches used in the SIEM, key findings, and any obstacles they faced. This session offers valuable peer insight into real-world incident response techniques, encourages discussion on effective log analysis, and highlights lessons learned from the CTF.
6:30 PM – 6:45 PMClosing Remarks