We have developed a virtual machine (VM) framework for cybersecurity education, which we use for courses offered at the University of Birmingham. This VM includes several capture the flag (CTF) style exercises that students can complete to support their learning. On successfully completing a task students obtain a flag or token, which they can submit to a website; each student receives a different flag. The website checks that the flag is genuine and for the correct questions; it can then be used for automatic marking, or to assist the marking of written answers.
- A version of the VM is available here (2.6GB).
- The framework is described in more detail in the paper An Offline Capture The Flag-Style Virtual Machine and an Assessment of its Value for Cybersecurity Education published at the 3GSE '15 Usenix workshop.
This VM currently supports 5 different exercises (answer sheets are available on request):
Teaching material to accompany this course, including lecture slides, videos and recommended reading can be found here.
If you would like to use this VM on a course you teach please get in touch with us (T.Chothia@cs.bham.ac.uk). We will be happy to explain in more detail how it works and help adapt it to your course.