Helical Levity is a cyber security company and research firm creating educational tools to help identify and cultivate new talent with the drive and technical skills to enter the cyber security industry. We are the creators of CyberStart, the platform that drives the HM Government's free, extracurricular Cyber Discovery programme developing the next generation of security experts among UK students aged 13 - 18.
Made up of world class designers, developers and security researchers, we blend expertise across all 3 to create products for hard problems, like the skills shortage in security. What kind of people do we need more of in security? How do we find them? And how do we teach them what they need to know to become brilliant security experts? These and hard problems like them are the ones we're trying to solve.
As part of our sponsorship of PHP Yorkshire, our team has built a custom developer-targeted Capture The Flag (CTF) just for this event. This CTF will be open to all PHP Yorkshire participants, and run from 8am - 6pm on Saturday 4 April. This CTF is built with "builders" in mind, focusing on a variety of vulnerabilities developers inadvertently add into their applications at a range of difficulty levels.
The CTF will be run on the Tomahawque Platform, where attendees can score flags, see their scores on a public leaderboard, and compete with other attendees to "think like a hacker", move up the scoreboard, and find the vulnerabilities first. Attendees keen to participate can register an account with Tomahawque at anytime in preparation: we'll share the CTF event invite closer to the conference.
We'll be providing a downloadable Docker environment with all the challenges ready and loaded, which will also allow the attendees to take the challenges home with them and explore them more in-depth at their own pace. We're building these challenges primarily in PHP -- the language most of CyberStart is built in. PHP Yorkshire attendees will feel right at home digging through the code after solving the challenges to get a better understanding of these vulnerabilities. So make sure you come ready to up a docker container on your laptop if you want to play the CTF!