BEGIN:VCALENDAR
PRODID:-//vBulletin 6//EN
VERSION:2.0
CALSCALE:GREGORIAN
BEGIN:VEVENT
UID:f127a3ec-aad8-4e4b-8e4a-9375f81086fd
DTSTAMP:20260515T154619Z
SUMMARY:Battle of the Bots\, Sunday 10:00-12:00
DESCRIPTION:..\n..\nBattle of the Bots\nFriday 10:00 - 18:00\nSaturday 10:0
 0 - 18:00\nSunday 10:00 - 12:00\nDEF CON Contest Area\, Forum Ballroom​\
 n\nBattle of The Bots presents a new twist on traditional “King-of-The-H
 ill” style Capture the Flag events by incorporating exploit development\
 , vulnerability analysis\, reverse engineering and software development in
  the form of developing computer worms aka “bots”. BOTBs requires comp
 etitors to develop proof-of-concept exploits against varying misconfigured
  or vulnerable network services. To maximize points scored\, the competito
 r’s bot must automatically scan and compromise network services in the c
 ompetition environment autonomously. Services that are harder to exploit (
 ex: requiring memory corruption exploits opposed to misconfigured database
 s) will result in a higher point score for the competitor.\n\nThe vulnerab
 le network services will include real world vulnerable services where a co
 mpetitor can adopt off the shelf proof-of-concepts vulnerabilities from an
  offensive security resource (ex: Metasploit Framework\, exploit-db\, pack
 etstorm\, etc…) into their bot to achieve access to said vulnerable serv
 ices. Additionally\, custom built vulnerable services informed by OWASP To
 p 10 security bugs as well as CVEs will influence challenge development re
 sulting in a competitor to have the experience of reverse engineering new 
 applications to identify vulnerabilities based on historically significant
  pain points in Software Engineering as well as infamous historical CVEs. 
 Battle of The Bots will give competitors of all skill levels an opportunit
 y to develop proof-of-concept exploits. Network services will be developed
  in a variety of compiled and interpreted languages with varying associate
 d vulnerabilities and points. The variety of languages will provide opport
 unities for those less experienced with reverse engineering to analyze vul
 nerable Python code to find hidden API endpoints that lead to shell execut
 ion for example\, rather than reverse engineer compiled binaries.\n\nFinal
 ly\, the BOTBs team will be capturing network traffic from the competition
  environment to later be shared with the wider community. The BOTBs team b
 elieves that this unique dataset of network service attacks can act as a u
 nique resource for academic researchers\, SOC analysts assessing their def
 enses and training events where having attack data for SIEM analysis. The 
 data will be released under the Apache 2.0 License and hosted publicly on 
 a yet to be determined platform.​​
URL:https://forum.defcon.org/node/245284
DTSTART:20230813T180000Z
DTEND:20230813T200001Z
LOCATION:DEF CON Contest Area\, Forum Ballroom
END:VEVENT
END:VCALENDAR