Gain hands-on experience with reverse engineering, forensics, cryptography, steganography etc.
A CTF or "Capture The Flag" is a type of cybersecurity challenge. CTFs are intended to be fun competitions where people can both showcase and hone their skills. There are different competitions designed for the Novice all the way up to Professionals. A FLAG is a peice of electronic information or a token reprensenting access or understanding to show that you have solved a challenge. For example there might be a file hidden inside an insecure web application - you demonstrate that you have discovered the insecurity by showing that you know the flag typically by submitting it to a scoring website.
There are many different formats for these competitions. There are websites that offer some of the same challenge and excitement, that will let you legally and ethically practice and expand your skills. One such site that I have enjoyed is RingZer0.
I spoke with the owner of the site recently to make sure it was OK that I sent hordes of novices to try their challenges. He was very positive and encouraging.
There are currently 322 challenges available in 15 categories. The challenges in each category start easy and get gradually harder as you complete them. Some challenges are worth 2 points, some more - with a few up to 15 points or more.
Your extra credit assignment is this: complete as many of the RingZer0 challenges as you can, up to 25 points. For each RingZer0 point you earn, you'll get 2x points of extra credit in the class (up to 50 extra credit points for 25 ringzer0 points).
For reference sake, I know someone who has been using the site for more than a year who has only 25 points, and I know someone else who got over 100 points in his first 2 weeks (Christmas Vacation) on the site. I expect that any senior in CS might be able to do some of the easier challenges in several categories.
You'll have to create your own account on the site to keep track of your points.
You MUST submit a writeup of how you solved each challenge, both to the site (they have a link to submit writeups for challenges you've solved - and you get points to buy hints when you submit) and to me.
Before midnight on the last day of classes, compute the SHA256 hash of your netid and place it in your profile 'Description' field. Screenshot your profile showing the hash, your username, and your point total.
Extra Extra Credit: Correctly identify my (Fred Clift) profile on that site and include a second screenshot of my current (not that great) ranking on the site for 3 extra points.
Extra Extra Extra Credit: If you end up getting a 'Special Mention' on your writeup because of it's quality by the RingZer0 team, you'll get 1% bump to your final grade.