CTF-style variations
The exercises presented in this chapter are very basic, straightforward examples that are designed for people already intending to get involved in penetration testing or are perhaps already practicing the craft. They will target the majority of users in the middleweight category with some skills but not excessive pwnage. In order to attract the skilled practitioners and new blood out there, you will need to mix it up a little. Poor pen testers will shrug off a simple faux pen test, and those without testing experience are likely to be intimidated by the required skill and toolset. The following options are some ideas on how to vary the course to attract the intended audience.
DEFCON game
While at London Bsides 2014, I was lucky enough to see Joseph Greenwood's presentation on a Capture the Flag event that he ran at his university incorporating elements of the game DEFCON. He set up a situation that mimicked a nuclear weapons' command that also invoked elements of hacking...