Cyberclass Summer Camp


CyberClass Landing Page

The website is linked above. It’s just a static site and serves as a landing page to inform prospective students and parents about the camp. Another instructor Aiden and I created it as a rewrite for the previous Google site. It was my first time using Sveltekit on a production website, and I enjoyed working with it. I’m very impressed with the speed at which we created this website, as we rushed to get it up before we started advertising the camp and finished it in about a day.

Reflections

Foreword

There was much more to running the camp than simply setting up a landing page. As the lead instructor, I was responsible for everything, including advertising, curriculum development, teaching, and selecting other instructors. A lot of work went into this camp, and I’m very proud of how it turned out. I especially wanted to thank Danniell Xu, who took over as lead instructor for the first session of camp we ran, as I had to attend an award ceremony elsewhere. The rest of this post will reflect on the camp and my experience running it.

Motivation

This camp was an extension of my high school’s cybersecurity club, of which I am the former president. Being part of that club during high school was a formative experience that interested me in cybersecurity. I wanted to recreate that experience for people who might be younger or not going to be attending my high school and who might not otherwise have been exposed to cybersecurity.

Logistics

Advertising

I wanted to ensure enough students to run the camp properly, so I advertised it to local middle and high schools in the area and on social media. That students would have peers to learn with and motivate themselves was very important to me. The turnout was around 20 students for both camp sessions, which was a perfect class size for learning.

Selecting Instructors

As I was the lead instructor, I needed to select other instructors to help me teach the camp. I also co-ran this camp with Danniell, as he’s one of the people I started learning cybersecurity with. I wanted to select instructors who were both knowledgeable and passionate about cybersecurity, as well as talented teachers. Because of my connections with my school’s very large cyber club, as well as running my own CTF team, I was able to find talented instructors to help lecture and teach the camp. I definitely wouldn’t have been able to run the camp without their help.

Curriculum

We decided to split the camp into an introductory and advanced curricula, with the introductory curriculum being taught in the first session and the advanced curriculum being taught in the second session. The introductory curriculum was designed to be accessible to students with no prior experience in cybersecurity, while the advanced curriculum was designed to be accessible to students who had already some programming experience.

We spent many hours creating slides and exercises for the camp, and I’m very proud of the curriculum we created. The introductory content was very accessible and meant to be a fun introduction to cybersecurity, while the advanced content definitely taught a lot of challenging material. We also tried to make the classes more engaging by including interactive exercises with a point system, as well as giving frequent breaks throughout each day.

Some screenshots of the slides we taught are below (credits to Danniell and Owen for creating some of these slides):

Lecture on Assembly

GDB Walkthrough

printf vulnerability

diffie hellman key exchange with amongus characters

diffie hellman key exchange with numbers

Computing Infrastructure

One of the potential problems we envisioned running into was that students might not have access to computers or tools with which to learn cybersecurity. We also didn’t want to spend valuable time in class setting up these tools and debugging issues caused by different environments. To address this issue, I ended up writing a custom Docker image with Kali linux and all the tools we would need for the camp. Using Coder and Digital Ocean, I was able to host a cloud IDE with the Docker image for each student. This allowed all students (and instructors) to be able to access th exact same environment and tools, turning out to be a very good solution.

We also had to run an internal CTF for the camp, so that students would have experience hacking into real systems. It also was a fun way for students to compete with each other on who could solve the most challenges. We ended up writing several challenges that matched the curriculum we were teaching, and I hosted each challenge on a Digital Ocean droplet. I used the rCTF platform to host the CTF, and I ran the frontend and storage bucket through Google Cloud.

Student Feedback

We ran an anonymous survey at the end of the camp to get feedback from students. The results were overwhelmingly positive, with students saying they enjoyed the camp and learned a lot. Some of the feedback we received is below:

The pacing was good and decently well instructed. The team ctf was fun too. This class allowed me to have a bigger scope on cybersecurity/computer science topics and are quite revelant (and most likely will become more in the future).

I really liked the creative themes for each day :) Cyberclass taught me a lot of fun topics about hacking, computer security and python. Finding the flag and decoding messages was my favorite part. The instructors were really creative and I liked how all the topics were incredibly child-friendly (eg. harry potter, cats, dinos, etc. It made me fit right in.

I loved all the effort u guys put into it and everything you did to help us learn. I enjoyed all the instructors and their styles of teaching, and I appreciate how you have helped push my dream of CS even further! Also the memes were great btw