Sponsoring BYU Capstone Project - Cyberjousting

Fall 2023

For the 2023-2024 school year at Brigham Young University, I am sponsoring a senior capstone project for the Cybersecurity department. The idea for this project, called Cyberjousting, came from a lab in a 300 level operating systems course. My friend and I realized that hands on learning is one of the best ways to learn operating systems and security skills was not by listening to a lecture, but by applying concepts hands on. After conducting some research with a basic level hardening lab for an intro to cybersecurity class, we got some great feedback from the students and are now developing a hands on cybersecurity lab environment for the students to practice these skills and experience up to date cyber issues in a safe environment, and it also provides the professors the ability to outsource lab assignment creation to those that are up to date in current vulnerabilities, exploitations, and misconfigurations to provide the most meaningful learning opporitunity possible.

Our lab environments consist of a few main parts:

  • Competitor/Student VMs: This is the virtual machine that the student will be accessing
  • VPN: All of our lab environment is only accessible through a public facing VPN. This allows the students access to the internal VMs and lab resources
  • Automated Scoring Engine: All of our labs have some sort of automated scoring solution. The scoring engine looks for specific things in the operating system that need to be fixed in order to receive points, and it can also detect if specific services are installed and operating normally.
  • Web Dashboard: All competitions/labs have a web dashboard that provides the students with meaningful score and feedback details, as well as the ability for the professor to track student process.
Technologies used and acomplishments from this experience:
  • VPN setup and deployment
  • Networking
  • Web Development
  • WAF techlologies
  • IDS/IPS solutions
  • Script automation
  • Vulnerability research and creation
  • Virtualization technologies
  • Created custom binaries (Mostly malicous ones)
  • Red team tools and activities
My friend and I have put a lot of work into this project, and we are running 5 lab assignments this semester at BYU, ranging from Malware detection and removal, backups, beginner system hardening and defense, advanced system hardening and defense, and enterprise environment hardening and defense. Our goal is to host a public competition at the end of our winter 2024 semester once we have ironed out all the bugs. We are also hoping to develop an attack defense platform.