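├── README.md
└── LICENSE

/README.md:
--------------------------------------------------------------------------------
# USTC NEBULA 2025 Recruitment Plan

┌---------------------------------------------------------┐
    ███╗   ██╗███████╗██████╗ ██╗   ██╗██╗      █████╗    │
    ████╗  ██║██╔════╝██╔══██╗██║   ██║██║     ██╔══██╗   │
    ██╔██╗ ██║█████╗  ██████╔╝██║   ██║██║     ███████║   │
    ██║╚██╗██║██╔══╝  ██╔══██╗██║   ██║██║     ██╔══██║   │
    ██║ ╚████║███████╗██████╔╝╚██████╔╝███████╗██║  ██║   │
    ╚═╝  ╚═══╝╚══════╝╚═════╝  ╚═════╝ ╚══════╝╚═╝  ╚═╝   │
│                                                         │
│  Join us:                                               │
│                                                         │
└---------------------------------------------------------┘

## Table of Contents

- [Key Dates](#key-dates)
- [Learning Materials and Practice Platforms](#learning-materials-and-practice-platforms)
  - [General Resources](#general-resources)
  - [Reverse Engineering (Reverse)](#reverse-engineering-reverse)
  - [Binary Exploitation (Pwn)](#binary-exploitation-pwn)
  - [Web (Web)](#web-web)
  - [Cryptography (Crypto)](#cryptography-crypto)
  - [Miscellaneous (Misc)](#miscellaneous-misc)
  - [Discussion and Getting Help](#discussion-and-getting-help)
- [Selection Requirements by Track](#selection-requirements-by-track)
  - [General](#general)
  - [Reverse Engineering (Reverse)](#reverse-engineering-reverse-1)
  - [Binary Exploitation (Pwn)](#binary-exploitation-pwn-1)
  - [Web (Web)](#web-web-1)
  - [Cryptography (Crypto)](#cryptography-crypto-1)
  - [Miscellaneous (Misc)](#miscellaneous-misc-1)
- [Appendix: Contact Information](#appendix-contact-information)

---

## Key Dates

Recruitment start: November 2025 (Beijing time)

~~Recruitment deadline: to be determined~~

**Update**: recruitment stays open continuously; there is no deadline

---

## Learning Materials and Practice Platforms

> [!IMPORTANT]
> **Remember that the most important part of learning CTF is hands-on practice, not reading books**
>
> **Also, do not spend a lot of effort configuring all kinds of so-called "toolkits"; what matters is building up experience by solving challenges**

### General Resources

- [CTF-wiki](https://github.com/ctf-wiki/ctf-wiki)
- [CTF-All-in-One](https://github.com/firmianay/CTF-All-In-One)
- [Nebula-CTFTeam/CTF_101](https://github.com/Nebula-CTFTeam/CTF_101)
  - Writeups of newcomer-oriented competitions for reference. During recruitment we will also post suitable competitions in the recruitment group and publish writeups promptly after each one for everyone to study

---

### Reverse Engineering (Reverse)

Advice: practice a lot; once practice hits a bottleneck, you will find the direction for your theoretical study

Books:

- *Computer Systems: A Programmer's Perspective* (《深入理解计算机系统》) (first three chapters)
- *Encryption and Decryption* (《加密与解密》) (a reference book)
- *Core Principles of Reverse Engineering* (《逆向工程核心原理》) (if you like learning from books)

Materials: [Information Security Practice reverse-engineering textbook]()

Challenge bank: [https://buuoj.cn/](https://buuoj.cn/)

---

### Binary Exploitation (Pwn)

1. Past competition challenges (challenges from domestic competitions can mostly be found on the buuctf practice platform; we have also collected some recent challenges & writeups)
2. Articles on platforms such as Anquanke (安全客), Xianzhi (先知) and Kanxue (看雪)
3. [https://pwnable.kr/](https://pwnable.kr/)
4. [https://pwnable.tw/](https://pwnable.tw/)
5. [nssctf](https://www.nssctf.cn/)

pwnable.kr and pwnable.tw are strongly recommended (the tw challenges are on the hard side and are best attempted once you have the basics); if both feel too hard, you can work on buuctf challenges

Tools: pwntools, gdb (with the pwndbg plugin), IDA Pro, various Ubuntu releases, ROPgadget, etc.

---

### Web (Web)

Knowledge you need: the HTTP protocol, JavaScript, PHP, Python, Flask, Nginx, Apache, SQL, etc.;

Tools: browser developer tools, Burpsuite, sqlmap, nmap, etc.;

Common vulnerabilities: SQL injection, XSS (cross-site scripting), CSRF (cross-site request forgery), file upload, file inclusion, framework security, common PHP vulnerabilities, common Python vulnerabilities, code auditing, etc.;

Materials: the general resources and [https://websec.readthedocs.io/zh/latest/](https://websec.readthedocs.io/zh/latest/);

---

### Cryptography (Crypto)

Tools: Python, SageMath, RsaCtfTool, etc.; what matters is accumulating solution scripts for each type of challenge

Learning materials: for the basics, see the general resources above; for more advanced study, read writeups of challenges from well-known competitions

Practice platforms:

- [https://crypto.sqrt-1.me/](https://crypto.sqrt-1.me/) (a practice platform set up by zzh, a senior member)
- [https://cryptohack.org/](https://cryptohack.org/)

---

### Miscellaneous (Misc)

The Misc track can be subdivided into many areas, such as:

- Stego (steganography)
- Forensics
- Recon (information gathering, including OSINT, etc.)
- Jailbreak
- ...

In addition, AI Security and blockchain security are sometimes counted under Misc.

#### Getting Started

Some domestic competitions and some small foreign CTF competitions focus heavily on steganography, forensics and information gathering, and the easy challenges are mainly about using tools, without complicated coding. Students with a weaker foundation can consider starting their training here.

Some recommended practice sites:

- [picoCTF](https://picoctf.org)
- [BUUCTF online judge](https://buuoj.cn/)

Beyond these, you can take part in some small foreign competitions for training.

Be aware that this kind of challenge includes some low-quality ones known as "guessing challenges" (脑洞题) and "nested-layer challenges" (套娃题).

#### Advanced

In difficult international competitions, Misc players need a broad knowledge base and the ability to learn quickly; **any challenge can show up in the Misc category**.

Some concrete examples:

- zer0pts CTF 2023: side-channel attack
- HITCON CTF 2023: reverse engineering, binary exploitation, socket programming
- (A competition whose name I have forgotten): reversing an Android app to obtain an API, then SQL injection

Generally speaking, though, these challenges are not as hard as the dedicated challenges of each track.

---

### Discussion and Getting Help

- When you run into a problem, the first thing to try is searching online;
- Ask in the recruitment group (see Appendix: Contact Information);
- Ask the mentor of the relevant track directly (see Appendix: Contact Information);
- For a challenge you cannot solve, search for "challenge name writeup"; there will very likely be someone else's writeup (solution report), but you must understand it yourself and must not simply copy it;

---

## Selection Requirements by Track

> [!IMPORTANT]
> - None of the selection criteria are restricted by school, year or grades (but you must be a **currently enrolled USTC student**);
> - All selection criteria are reference standards, not absolute ones; we will adjust them according to the actual situation;
> - Challenges do not have to be completed independently. Google / discussion in the group / asking a mentor are all valid ways to solve them, but you must produce the solution after understanding it yourself and must not simply copy it;
> - Students who finish early or meet the selection criteria early can contact a mentor on their own initiative to start formal team training early;
> - The division into tracks is only a reference for students who are not sure of their interests. If you are interested in several tracks, consider contacting the students in charge of the team. Whichever selection route you enter the team by, you are free afterwards to choose the track you are interested in, with no restrictions;
> - Completing any one of the following tracks is enough:

### General

Winning an on-campus award in Hackergame (including special awards);

### Reverse Engineering (Reverse)

As general background, you should ideally:

- Know how to get around network restrictions (科学上网);
- Be familiar with C, especially data types and pointers;
- Be able to set up a Python environment on your own, know how to install third-party libraries, and be able to write Python scripts of 20 lines or more to help you solve problems;
- Have a Linux environment (VMware, WSL, etc.);
- Be able to install IDA Pro 7.5+ successfully and deeply appreciate the value of F5.

In terms of training volume, you need at least to:

- Complete the 32 challenges on the first page of the reverse category on [buuoj](https://buuoj.cn/); you may consult writeups online;
- Pick 5 of them and write detailed writeups for the mentor to review and give guidance on.

In terms of training outcome, you will:

- Be able to statically analyze binaries with IDA Pro;
- Be able to debug binaries at the assembly level (using at least one of Ollydbg, x64dbg, gdb, windbg);
- Be familiar with the encryption and encoding methods commonly seen in reversing, and be able to decrypt them with tools or your own code (RC4, TEA, RSA, AES, base64, etc.);
- Not find the following keywords unfamiliar: "stack", "register", "obfuscation", "anti-debugging", "packing / packer detection / unpacking", "junk instructions" (花指令).

### Binary Exploitation (Pwn)

Complete either one of the following two:

1. Any 2 challenges on [pwnable.tw](https://pwnable.tw/);
2. Some of the Hackergame binary challenges (the specific list will be announced after the competition starts).

**And be able to explain your own WP (writeup)**

### Web (Web)

From the web branch of the [ctfhub skill tree](https://www.ctfhub.com/#/skilltree), choose 5 challenges in total from the information disclosure, SQL injection, XSS and file upload items, and briefly record how you solved them

### Cryptography (Crypto)

Any one of the following three:

- Any two Hackergame cryptography challenges (the specific list will be announced after the competition starts);
- Any 18 challenges from [zzh's Crypto Training Challenges](https://crypto.sqrt-1.me/):
  - The number of challenges is a guideline and may be adjusted according to difficulty; **18** refers to the 18 easiest challenges;
- Any 10 challenges on [CryptoHack](https://cryptohack.org/) (excluding the first two categories and the quiz-style questions).

**Or** ask a mentor to tailor a task to your own background and interests.

Please keep your solution code; you are expected to be able to explain your approach and the underlying principles clearly.

### Miscellaneous (Misc)

Meeting any one of the following conditions is enough:

- Rank in the on-campus top 30 of the Hackergame general category;
- Complete 25 of the 99 picoCTF practice challenges in the General Skills and Forensics categories;
- If you have an interest or strength in a particular area, you can ask a mentor for a customized task.

---

## Appendix: Contact Information

NEBULA 2025 recruitment group QQ: `476033823`

> [!NOTE]
> **For ordinary questions about challenges, please ask directly in the group.**

**If you have a question that is not convenient to ask in the group, you can contact the mentor for the relevant track among the group administrators (mentors have their own study / research commitments and may be very busy; please be understanding if they cannot get to everything);**

> See the recruitment group's administrator list for details

| Track   | ID          | Contact    |
| ------- | ----------- | ---------- |
| Web     | yemaster    | 14******68 |
| Web     | WuY         | 17******24 |
| Pwn     | eastXueLian | 27******28 |
| Crypto  | brealid     | 11******72 |
| Misc    | Crabtux     | 84******9  |
| Misc    | Albedo      | 17******92 |
| Reverse | 0xd009      | 22******04 |

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
Creative Commons Legal Code

CC0 1.0 Universal

CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
INFORMATION ON AN "AS-IS" BASIS.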
CREATIVE COMMONS MAKES NO WARRANTIES
REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
HEREUNDER.

Statement of Purpose

The laws of most jurisdictions throughout the world automatically confer
exclusive Copyright and Related Rights (defined below) upon the creator
and subsequent owner(s) (each and all, an "owner") of an original work of
authorship and/or a database (each, a "Work").

Certain owners wish to permanently relinquish those rights to a Work for
the purpose of contributing to a commons of creative, cultural and
scientific works ("Commons") that the public can reliably and without fear
of later claims of infringement build upon, modify, incorporate in other
works, reuse and redistribute as freely as possible in any form whatsoever
and for any purposes, including without limitation commercial purposes.
These owners may contribute to the Commons to promote the ideal of a free
culture and the further production of creative, cultural and scientific
works, or to gain reputation or greater distribution for their Work in
part through the use and efforts of others.

For these and/or other purposes and motivations, and without any
expectation of additional consideration or compensation, the person
associating CC0 with a Work (the "Affirmer"), to the extent that he or she
is an owner of Copyright and Related Rights in the Work, voluntarily
elects to apply CC0 to the Work and publicly distribute the Work under its
terms, with knowledge of his or her Copyright and Related Rights in the
Work and the meaning and intended legal effect of CC0 on those rights.

1. Copyright and Related Rights. A Work made available under CC0 may be
protected by copyright and related or neighboring rights ("Copyright and
Related Rights"). Copyright and Related Rights include, but are not
limited to, the following:

  i. the right to reproduce, adapt, distribute, perform, display,
     communicate, and translate a Work;
 ii. moral rights retained by the original author(s) and/or performer(s);
iii. publicity and privacy rights pertaining to a person's image or
     likeness depicted in a Work;
 iv. rights protecting against unfair competition in regards to a Work,
     subject to the limitations in paragraph 4(a), below;
  v. rights protecting the extraction, dissemination, use and reuse of data
     in a Work;
 vi. database rights (such as those arising under Directive 96/9/EC of the
     European Parliament and of the Council of 11 March 1996 on the legal
     protection of databases, and under any national implementation
     thereof, including any amended or successor version of such
     directive); and
vii. other similar, equivalent or corresponding rights throughout the
     world based on applicable law or treaty, and any national
     implementations thereof.

2. Waiver. To the greatest extent permitted by, but not in contravention
of, applicable law, Affirmer hereby overtly, fully, permanently,
irrevocably and unconditionally waives, abandons, and surrenders all of
Affirmer's Copyright and Related Rights and associated claims and causes
of action, whether now known or unknown (including existing as well as
future claims and causes of action), in the Work (i) in all territories
worldwide, (ii) for the maximum duration provided by applicable law or
treaty (including future time extensions), (iii) in any current or future
medium and for any number of copies, and (iv) for any purpose whatsoever,
including without limitation commercial, advertising or promotional
purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
member of the public at large and to the detriment of Affirmer's heirs and
successors, fully intending that such Waiver shall not be subject to
revocation, rescission, cancellation, termination, or any other legal or
equitable action to disrupt the quiet enjoyment of the Work by the public
as contemplated by Affirmer's express Statement of Purpose.

3. Public License Fallback. Should any part of the Waiver for any reason
be judged legally invalid or ineffective under applicable law, then the
Waiver shall be preserved to the maximum extent permitted taking into
account Affirmer's express Statement of Purpose. In addition, to the
extent the Waiver is so judged Affirmer hereby grants to each affected
person a royalty-free, non transferable, non sublicensable, non exclusive,
irrevocable and unconditional license to exercise Affirmer's Copyright and
Related Rights in the Work (i) in all territories worldwide, (ii) for the
maximum duration provided by applicable law or treaty (including future
time extensions), (iii) in any current or future medium and for any number
of copies, and (iv) for any purpose whatsoever, including without
limitation commercial, advertising or promotional purposes (the
"License"). The License shall be deemed effective as of the date CC0 was
applied by Affirmer to the Work. Should any part of the License for any
reason be judged legally invalid or ineffective under applicable law, such
partial invalidity or ineffectiveness shall not invalidate the remainder
of the License, and in such case Affirmer hereby affirms that he or she
will not (i) exercise any of his or her remaining Copyright and Related
Rights in the Work or (ii) assert any associated claims and causes of
action with respect to the Work, in either case contrary to Affirmer's
express Statement of Purpose.

4. Limitations and Disclaimers.

 a. No trademark or patent rights held by Affirmer are waived, abandoned,
    surrendered, licensed or otherwise affected by this document.
 b. Affirmer offers the Work as-is and makes no representations or
    warranties of any kind concerning the Work, express, implied,
    statutory or otherwise, including without limitation warranties of
    title, merchantability, fitness for a particular purpose, non
    infringement, or the absence of latent or other defects, accuracy, or
    the present or absence of errors, whether or not discoverable, all to
    the greatest extent permissible under applicable law.
 c. Affirmer disclaims responsibility for clearing rights of other persons
    that may apply to the Work or any use thereof, including without
    limitation any person's Copyright and Related Rights in the Work.
    Further, Affirmer disclaims responsibility for obtaining any necessary
    consents, permissions or other rights required for any use of the
    Work.
 d. Affirmer understands and acknowledges that Creative Commons is not a
    party to this document and has no duty or obligation with respect to
    this CC0 or use of the Work.

--------------------------------------------------------------------------------