0x5 - First North Sec Experience

This year was my first ever attendance to the North Sec cyber security event. It is Canada’s largest cyber security event, consisting of 3 parts: the conference, competition (CTF) and trainings, spanning nearly a week. Depending on which package you buy, you will be given various ‘swag’ and other items for the various events. In my case, I bought the early bird conference and competition combo since I was still a student at the time (students got a 50% off promotion code) and wanted to do some networking. This year was North Sec’s 10th anniversary so it was filled with tons of cool stuff.

Conference

This years conference was 2 days (May 18th & 19) and had many great speakers giving some fascinating talks. Here were my personal favorites:

• Deception for pentesters by Laurent Desaulniers
• Q&A Red Team by Charles F. Hamilton, Laurent Desaulniers, Martin Dube and Guillaume Caillé
• Abusing GitHub for fun and profit: Actions and Codespaces Security by Magno Logan
• Behind the Scenes in GitHub Bug Bounty by Logan MacLaren

The badge for accessing the conference really surprised me, I definitely did not expect to have such an intrecate pieace of hardware. Take a look:

Notice the small mushroom with an LED on it? Well in the community village, there was a soldering area and I was lucky enough to go when it was quiet, near the end of the second day and got to learn beginner skills for soldering. The badge had many challenges which unlocked levels which was really cool, though I didn’t participate in them so much since I attended many talks.

Competition

The talks ended Friday evening around 17:00 and the CTF started at 20:00. I had the priviledge and pleasure to join cubermitis, a group of highly motivated and skilled CTF-erss for this event. We started off quite strong, holding within the top 10 position for the first 24 hours:

By the end of the event, we managed to secure 18th place on the leaderboard with 98 points, out of 76 total teams.

> askgod scoreboard                                  
        TEAM       | POINTS |   LAST SUBMIT     
-------------------+--------+-------------------
  <CA> Cubermitis  |     98 | 2023/05/21 14:57 

Overall, despite being quite new to the CTF scene and finding difficulty with many of the higher level challenges this year, I was proud that I managed to get a few challenges solved while helping out my teammates. The experience I got from the CTF was invaluable and well worth while, I learned a ton while having a great time. I will definitely attend following North Sec events.