Skip to main content

This site is somewhere between a personal notebook and a way of not repeating myself.

Currently I write about:

ImaginaryCTF rrng

Imaginary CTF is not your classical weekend CTF. Instead, they have been publishing fun challenges almost every day since April 2021 – pretty impressive. I’ve been solving some of their challenges here and there. This one, from last month, was especially fun. Also I wanted to try a jupyter notebook style write-up. Let me know if this helps comprehension or maybe too much mixing of code and text. The challenge states:

Privacy Enhancing Technologies Summary

This is a summary of the lecture by Prof. Dr. Thorsten Strufe at KIT. The summary is organized as toggles, meant to help active review. PrivacyDefinitionsPrivacy dictionary definitionthe quality or state of being apart from company or observation : seclusion freedom from unauthorized intrusion <one's right to privacy>β‡’ right to be let alone CS definition of privacythe claim of individuals … to determine for themselves when, how, and what extent of information about them is communicated to others.

One Pixel Adversarial Attack - RCTF catspy

This post is about turning a photo of a cat into a photo of a goldfish by changing only one pixel, at least according to resnet50. With Organizers we participated in RCTF during the close race at the end 2022 to be #1 on CTFtime. This literally meant to participate in every high rated CTF and solving every challenge, including the miscy of the misc. The challenge catspy appeared at around 2am in the misc category and the description states:

Large Scale Empirical Ethereum Smart Contract Analysis

Abstract Ethereum smart contracts are Turing complete programs that operate on money and derived assets. With a market capitalization in the three digit billions, there is an interest in quantifying their usage. Despite blockchain data being public by design, large scale analysis of smart contracts is technically challenging to do on a large scale. We summarize methods to analyze contract usage on the Ethereum blockchain and categorize the most popular contracts by their application domain and behavior.

Exam Questions Machine Learning for the Natural Sciences

The lecture Machine Learning for the Natural Sciences promises to focus on applications of machine learning to natural sciences, especially physics and chemistry. However, most of the actual content is repeating machine learning basics, that is already in foundational lectures on machine learning. In the remaining time, a few interesting are presented, but sadly just very shallowly. There is also programming homework that counts for 1/3 of the final grade. This is nice, and I think more courses should do that.

Exam Anti-Patterns

There is no such thing as the perfect university exam, but if we agree that its purpose is to give an objective score about an individual’s comprehension of the covered topics, then there is clearly a way to be less wrong when creating exams. This post lists a few DONT’S that can be easily avoided. If you think there is an anti-pattern in this post, you can write me an email and I will add it here.

Operation System Security Lecture Summary

Lecture summary of the lecture operation systems security, organized with self test toggles. The lecture is concerned with binary exploitation from an offensive as well as a defensive point of view. I can really recommend the lecture, if you are interested in modern security mechanisms implemented by operating systems and hardware. Basic DefinitionsWhat is a vulnerability?What is the definition of an exploit? Set-uid-bitAllows an executable, that is owned by the user, to use root privileges during execution

b01lers CTF resnet Model Inversion

With KITCTF we participated in the bo01lers CTF and finished 6th. There were some quite fun challenges. Including the resnet challenge, which is a machine learning challenge. I hope to see more machine learning challenges in the future. Challenge description: A naive AI startup released a new visual password system based on State-of-the-Art Neural Network technology. Wanting to save on costs they reuse the popular Resnet model to create embeddings which input password images are checked against hoping to leverage the feature extraction capabilities of Resnet.

Self Test Questions Data Science I

Answers to self test questions for the lecture “Data Science I” at KIT. If you spot any errors, write me an e-mail or Discord message. Lecture 1: IntroductionGive examples of applications of clustering.Customer groups clustered based on bought productsUnsupervised malware family identificationOutlier DetectionDescribe a scenario from natural sciences, in which classification is useful: What are the attributes/class? How would you try to solve it?Flower family classification: Attributes (features)Color of different partsShape of different partsSize of different partsSolve it by training a multi-class NN with enough high quality training dataExplain the principle of the One Rule classifier.