An Idea

I have a few plans in mind but I am not entirely sure what to do. I hope that messaging my tutor about my current ideas will narrow down my options.

Currently I am thinking about doing some Cloud/Network CTFs which seem very interesting to me. I think a reason for this might be that since this is a new and emerging form of security of growing popularity. Web CTFs also seems appealing to me and I have looked into Natas from OTW which looks very appealing to do.

Pros

  • Interesting concepts
  • A unique experience since Cloud security is still very new
  • Web CTFs is something I’m much more comfortable with

Cons

  • There is not much online since Cloud security is still a growing field
  • I am pretty sure there are HTB limitations on using their virtual machines
  • Doing Web CTFs which is something that I am more comfortable with gives me less of an ability to learn

I have also thought about doing a rubber ducky which seems much more challenging to do compared with CTFs. Additionally, I would have to wait for one to arrive before I can start which will slow down by progress in the early weeks as I have nothing to start off with. Despite this, rubber duckies are very interesting to do as well since it all comes down to your imagination and your dedication/ability to code it. This seems like the harder option, but harder doesn’t necessarily mean that I shouldn’t do it I guess - I’m determined to give it a try and do my best.

Pros

  • Something completely different
  • Unique experience
  • I can do whatever I want and customise it whatever way I want

Cons

  • I have no experience with this
  • I have no clue how much my prior coding experience will help me with this enormous task

Update: I have sent my ideas to my tutor for evaluation.

Initial Draft:

HD

  • Root Access
  • Natas 1-25 are beginner friendly and informative

D

  • Remote Access
  • Natas 1-18 are beginner friendly

CR

  • “Hello, World!” to a notepad
  • Natas 1-12 write-up are beginner targeted

PS

  • Clear reasonable attempts to get rubber ducky to work
  • Write ups for 1-6 are beginner targeted alike bandit write-up already in Security Society writeup

I sent the above draft to my tutor, but I he responded saying that I should focus on one. That is, either CTFs or the Rubber Ducky. I want to do something entirely different and unique, so I think I will give it a try coding a rubber ducky where I can step outside my comfort zone (This is very far outside my comfort zone in my opinion). But I think that it will be a good learning experience and one that I will regret not doing if I was to reflect back.

Work in Progress Draft:

HD

  • Root Access

D

  • Remote Access

CR

  • “Hello, World!” to a notepad

PS

  • Clear reasonable attempts to get rubber ducky to work

There will a blog post weekly on progress. I am still thinking of the different options I have to create and change around. Root and Remote access does not entirely interest me and is extremely stock standard. I want to be able to add in my own piece of creativity within the project that that is definitely something I will think about while creating my more refined version next week. This is still a very basic draft of my marking criteria and does not reflect my entire intentions.

Proposal Weekly Timetable:

  • Finish complete Something Awesome Proposal
  • Order Rubber Ducky to program on [It was ordered on Monday]

Brief Weekly Description

Within this week I aimed to complete my Something Awesome Proposal and submit it to my tutor. Additionally I had also aimed to purchase the Rubber Ducky to program on, I did this as quickly as possible. As shown within the Something Awesome Proposal, the expected day it was to arrive was on the 9-11th of March assuming no major delays occur. I really do hope that no delays happen and it arrives as quick as possible such that I can start all my amazing project idea.

I am really happy with how the proposal looks and it seems really fun to do. It allows me to add my creativity into the Rubber Ducky and customise it anyway I wish. I would also have the opportunity to learn a new language that is more of a niche.

Completed Tasks From Weekly Timetable

  • Finish complete Something Awesome Proposal ✅
  • Order Rubber Ducky to program on [It was ordered on Monday] ✅

Both of these tasks were completed and have been checked by my tutor. I really do hope that the rubber ducky arrives as quick as possible such that I can start. Whilst it was not stated anywhere, I have written a contingency plan for if my Rubber Ducky does not arrive over a set period of time. I am trying to think ahead to lessen the load and stress later.

Something Awesome Time Management

The proposal actually took me a very long time to do (3.5 hours+) which I did not really expect. But at the end of the day I am very happy with this since it is something I really need to think carefully about such that it is actually something I would enjoy building. Comparing it to other weeks, I believe this is only a small amount as I would definitely be devoting as much time as possible as I really want to do well in this course as a reflection of how much I love and want to pursue security.

Final Thoughts / Fears / Reflection

This project proposal looks so fun and exciting! Despite this, I do have doubts on the possibility to crack a Windows 10 login screen as they are usually really well protected with strong security. It is something I would been to spend a lot of time on and I am really scared to tackle it. Despite this, I will try my best considering my commitments to other courses and outside class activities. I will definitely have to manage my time to overcome this obstacle.