CTF Radiooo

Youtube Video of podcast Shownotes and Links In this episode, adamd and Zardus interview the Benevolent Bureau of Birds (BBB), new DEF CON CTF organizers! Vie, Robert Xiao, Zaratec, Bluepichu, and MountainRose join us to discuss Capture The Flag (CTF) competitions in the era of AI and large language models. The conversation covers the history, challenges, and future adaptations of CTFs amidst technological advancements. This episode explores the evolving landscape of CTF in the age of AI, community building, and innovative challenge design. Experts discuss the impact of AI on challenge fairness, community engagement, and future directions for cybersecurity competitions. Links DEFCON CTF BBB Official Site Plaid CTF

Youtube Video of podcast Shownotes and Links In this episod, adamd and Zardus interview THE Fish from Shellphish and angr, a prominent figure in the CTF community. They discuss Fish’s journey into CTFs, his experiences with Shellphish, and the evolution of CTF challenges. Fish shares insights on the importance of reversing skills, the development of the angr decompiler, and the impact of CTFs on learning and personal growth. The conversation also touches on the future of reversing in the context of LLMs and the ongoing relevance of CTFs in the cybersecurity landscape.

Youtube Video of podcast Shownotes and Links In this episode, adamd and Zardus welcome Robert Xiao, an associate professor at the University of British Columbia and a seasoned CTF player. The conversation explores Robert’s journey from a background in human-computer interaction to becoming a prominent figure in the CTF community. They discuss his early experiences with game hacking, the challenges of CTFs, and how these experiences have influenced his research and professional development. The episode highlights the importance of community and collaboration in the CTF space, as well as the intersection of technical skills and human factors in computer science. In this conversation, the speakers delve into the hacker mentality and its significance in research and development. They discuss the differences in mindset between various research fields, the importance of innovation through hacking, and the balance between competitive programming and academic research. The conversation also touches on the evolution of Capture The Flag (CTF) teams, the impact of teaching on students, and the personal journeys of the speakers in the realm of security research and challenges. Links Robert’s website

Youtube Video of podcast Shownotes and Links In this episode, adamd and Zardus talk finally talk to Vie from Maple Bacon / MMM in an environment where we can actually hear her. We discuss the evolution of CTF teams, the importance of community and mentorship, and the journey of Vie from a competitive gamer to a key player in the CTF scene. Links Google CTF CTF Radiooo 006 with sirdarckcat CTF Radiooo 016 interview with Vie

Youtube Video of podcast Shownotes and Links In this episode, which seems to be an annual tradition, adamd and Zardus report LIVE from DEF CON 33 about the AIxCC results, first alone then together with Andrew Carney and Perri Adams, the key people involved in creating and running the AIxCC. Links AIxCC @ DEF CON 33 Open-source AIxCC Systems

Youtube Video of podcast Shownotes and Links In this unconventional episode adamd surprises Zardus with Adam’s mom Karlene and musician Swardy, to discuss a new collaboration of the CTF Radiooo theme song. The conversation explores the creative process behind the collaboration, insights into music production, and the importance of community and DIY ethos in artistic endeavors. In the normal episode, adamd and Zardus reflect on their interviews with all the AIxCC teams. They explore the impact of AI on the field, the importance of team dynamics, and the challenges faced in software testing and development. The conversation highlights the diversity of approaches taken by different teams and the lessons learned from the discussion of the competition. Links Swardy’s Secret Sky Set Swardy’s Compact Objects Animated Short Swardy on Spotify

Youtube Video of podcast Shownotes and Links In this episode adamd and Zardus chat with Jeff Huang, Ze Sheng, and Qingxiao Xu from the AIxCC team all_you_need_is_a_fuzzing_brain about their AIxCC final submission. We discuss the innovative use of an AI-focused approach in their CRS. The conversation also highlights the significance of static analysis, performance metrics, and the future of cyber reasoning systems in the context of ongoing advancements in AI. We discuss the importance of local models, strategies for vulnerability detection, and the complexities of patching. Links OS lab

Youtube Video of podcast Shownotes and Links In this episode adamd and Zardus chat with Michael Brown and Evan Downing from the AIxCC team Trail of Bits about their AIxCC final submisson. Trail of Bits discusses their experiences and insights from participating in the AIxCC competition. They discuss the dynamics of their team, the development of their Cyber Reasoning System (CRS) named Buttercup, and the importance of open-source contributions. The discussion highlights the role of fuzzing and contextualization in vulnerability discovery and patching, as well as the integration of large language models in their processes. The team emphasizes the significance of resource management and efficiency in the competition, and they share their vision for future research and applications in the field. They emphasize the importance of choosing the right tools, adapting to evolving standards, and the complexity of their multi-agent system. The conversation also touches on the role of AI in their processes, their strategies for submitting patches, and reflections on their experiences during the competition. Links Trail of Bits Buttercup blog post

Youtube Video of podcast Shownotes and Links In this episode adamd and Zardus chat with Taesoo Kim, Minwoo Baek, HyungSeok Han, and Hanqing Zhao from the AIxCC Team Atlanta about their AIxCC final submisson. Team Atlanta discusses their experiences and strategies in the AIxCC. They discuss team dynamics, communication methods, and the structure of their Cyber Reasoning System, which includes multiple components for different programming languages. The team shares insights on their innovative patching strategies, the use of large language models, and the challenges they faced during the competition. Overall, the discussion highlights the importance of collaboration, effective communication, and the integration of AI in cybersecurity. Links Team Atlanta

Youtube Video of podcast Shownotes and Links In this episode adamd and Zardus chat with David Musliner, Mike Pelican, and Matt McLure from team LACROSSE from SIFT on their AIxCC submission. The conversation covers the team’s background, their experiences in previous competitions, and the architecture of their Cyber Reasoning System (CRS). They discuss the implications of open-sourcing their system, the dynamics of teamwork, and the innovative use of AI in cybersecurity. The episode dives into the technical aspects of their system, including agent communication, task processing, and patch generation, highlighting the challenges and strategies involved in their competition journey. The LACROSSE team discusses their experiences and challenges faced during the AI Cyber Challenge, focusing on vulnerability assessment, patch submission, and the role of LLMs in cybersecurity. They explore the complexities of zero-day vulnerabilities, the strategies employed for patching, and the lessons learned from the competition. The team emphasizes the importance of effective collaboration, the evolving capabilities of AI, and the future potential of combining symbolic reasoning with LLMs. Links SIFT

Youtube Video of podcast Shownotes and Links In this episode adamd and Zardus chat with returning guests Tyler and Tim from team Theori on their AIxCC submission. The Theori team discusses their participation in the AI Cyber Challenge, detailing their unique approach to building a Cyber Reasoning System (CRS) named RoboDuck. The conversation covers the team’s structure, motivation, and the challenges they face, including the potential brittleness of their system and the importance of testing. They discuss the pipeline for analyzing repositories, the use of LLMs for vulnerability detection, and their strategy for submitting patches during the competition. The episode concludes with reflections on the competition and the lessons learned. Links Theori

Youtube Video of podcast Shownotes and Links In this episode adamd and Zardus chat with Xinyu, Dang, Ziyi, and Xinqian from the AIxCC team 42-b3yond-6ug. The team highlights the importance of stability, testing, and collaboration. They share insights on their cyber reasoning system, fuzzing strategies, and the impact of AI models on their work. The team reflects on their experiences, lessons learned, and future aspirations in the field of cybersecurity. Links AIxCC Team 42-b3yond-6ug

Youtube Video of podcast Shownotes and Links In this episode of CTF Radiooo adamd and Zardus discuss the final submission of the AI Cyber Challenge for Shellphish with clasm and honululu. They explore the evolution of the team, the significance of the challenge, and the role of AI in cybersecurity. We discuss the history of DARPA’s cyber challenges, the financial stakes involved, and the collaborative efforts of the team in developing a cyber reasoning system. Clasm and honululu share insights about Team Shellphish’s cyber reasoning system: ARTIPHISHELL. Links AIxCC Shellphish Shellphish Support Syndicate Shellphish AIxCC Team

Youtube Video of podcast Shownotes and Links In this episode of CTF Radiooo adamd and Zardus do a live-from-DEF CON interview with clasm and honululu, the co-captains of the Shellphish AIxCC team. They talk about their approach to the AIxCC qualification competition and their cyber reasoning system ARTIPHISHELL. Finally, we finish with live footage of Shellphish when the seven $2M winning qualifying teams are announced. Links AIxCC Shellphish Shellphish Support Syndicate Shellphish AIxCC Team

Youtube Video of podcast Shownotes and Links In this episode of CTF Radiooo adamd and Zardus talk about the highs (winning $1 million in the AIxCC Small Business Track) and the lows (failing to qualify for DEF CON CTF 2024) of Shellphish. Links AIxCC Shellphish Shellphish Support Syndicate Shellphish AIxCC Team pwn.college

Youtube Video of podcast Shownotes and Links In this unique episode of CTF Radiooo adamd and Zardus chronicle their adventures while playing Nautilus Institute’s DEF CON 31 CTF, all the way from the Friday night before the CTF to early Monday morning leaving to catch a flight. Throughout this episode we talk about the CTF as we’re experiencing it (from a hot tub?!?!), and we catch up with several amazing people in the CTF community, including commentators, players, organizers, and winners (congrats Maple Mallard Magistrates on the win): ZetaTwo, clasm, zanardi, nafod, perribus, negasora, jay, mike_pizza, zaratec, and vie. Unfortunately the sound on the interviews during the CTF after party is not the best, but that’s how recording in a closet in the middle of a party goes! We’ll try to bring on those folks in the future. Special shoutout to our impromptu camerapeople zwad3 and f4c31e55. Links LiveCTF LiveCTF Challenge Source AIxCC Maple Bacon

Youtube Video of podcast Shownotes and Links In this episode of CTF Radiooo adamd and Zardus chat with psifertex, glenns, and negasora from LiveCTF! We talk about LiveCTF competitions in DEF CON CTF Finals 2022 and DEF CON CTF Quals 2023! We also chat about the history of LiveCTF, spectating CTF, the difficulty in creating a challenge at the appropriate difficult level for a spectated CTF, and more! Links psifertex’s sheet of DEF CON CTF pwnAdventure Pwny Racing RET2 Systems WarGames Cryptonomicon

Youtube Video of podcast Shownotes and Links In this episode of CTF Radiooo adamd and Zardus chat about a challenging issue facing the CTF community: if someone finds or uses a 0-day vulnerability in a CTF, what happens? We talk about 0-days, 0-days in CTF, and the complications that arise. Links

Youtube Video of podcast Shownotes and Links In this episode of CTF Radiooo adamd and Zardus chat with anciety, atum, mmmxny, and crazyman of r3kapig: one half of the CTF team P1G BuT S4D! We talk about how the members got into CTFs, how the team gets new members, what is the culture of the team, why do we play CTFs, can we keep playing CTFs?, what makes a good CTF challenge, and (what else) pwn.college! Visit https://r3kapig.com/ to learn more about the team. Links Tweet re: CTF team mergers r3kapig website Joint team C4T BuT S4D website

Youtube Video of podcast Shownotes and Links In this episode of CTF Radiooo adamd and Zardus chat with q7, publicqi, Yuhang Wu, and shiki7 of the CTF team Straw Hat! Links Tweet re: CTF team mergers Straw Hat website