openSec

bridging cybersecurity and education together - for a better world

Comment

Inspiration

  • There is a growing disconnection between people and the items they use. This is notable as the Generation Z cohort increasingly adapts to technology, despite a growing abstraction between the system and the user.
  • Although there are many massive breaches, many of them are posed as foreign actors acting aggressively when often enough, the vulnerability is simple and committed by a sole individual.
  • Hackathons are focused on building projects. As xkcd references, towards the deadline, code quality often gets thrown out the window. Lower code quality is simply prone to more vulnerabilities.
  • Privacy is non-existent in this current surveillance state.

What it does

openSec is a non-profit platform that aims to bring quality cybersecurity education to students of all ages. openSec is track-based, and relies on a CTF/wargames style-manner in order to foster problem-solving and competition.

How we built it

Jonathan built the backend, and Alan worked on the front end and server for the CTF/wargame.

openSec's CTF platform is built with Python's Flask API, as well as responsive HTML/CSS. openSec is hosted on a physical server at the moment, running Ubuntu Server. The client and challenge manager is built with C and Linux bash, utilizing the power of nCurses API for text user interfaces.

Challenges we ran into

C is a very low level language and Alan faced a lot of problems in terms of memory. nCurses is also very undocumented, and became a problem when he attempted to build the CTF management system. We were not able to get AWS, so we had to rely on a local server to do the

Accomplishments that we're proud of

  • Learning nCurses as an API for C in under 24 hours.
  • Working with cybersecurity, and being content to see what it can actually do to help impact educational growth and progression.
  • Growing our skills as programmers, and discovering a passion in entrepreneurship.

What we learned

  • Never use nCurses again.
  • NodeJS is cool, but Flask gives the Python developer a god complexity.

What's next for openSec

*Funding and grants (i.e. HackerFund).

  • Migrating to a VPS or physical dedicated server
  • Building a custom Linux operatings system for the CTF/wargame competition.
  • Work on the CTF management system.
Share this project:

Updates