fyr3p4w Blog
  • Introduction
  • Other Activities
    • Global Cybersecurity Camp (GCC) Taiwan 2025
  • CTFs
    • ASEAN Cyber Shield 2024
    • Wargames MY 2024
    • HTB Cyber Apocalypse 2024
    • FSIIECTF 2024
Powered by GitBook
On this page
  • Overview
  • Day 0
  • Day 1
  • Day 2
  • Day 3
  • Day 4
  • Day 5
  • Final thoughts
  • Photodump
  1. Other Activities

Global Cybersecurity Camp (GCC) Taiwan 2025

This is my experience representing Malaysia in GCC 2025

PreviousIntroductionNextASEAN Cyber Shield 2024

Last updated 1 month ago

Overview

GCC is an annual event where 50 students from various countries gather to build friendships and learn together. This year, I was fortunate to be one of the 4 people ( Shunsuke , Fira & Nelson ) selected to represent Malaysia in GCC25 held in Taiwan.

These are the topics that are covered in this year's GCC.

Day 0

We met up at the airport at 6am for our 9am flight

We arrived in Taiwan about 2pm and tried our luck at the lucky draw. To my surprise, I won the NT$5000 lucky draw

We attended the Ice-Breaking party where we were welcomed with really good food. Right after the party, we had a self introduction session where students from each country would introduce themselves and their achievements.

This was also when I met my handsome roommate from Korea, Eric.

Day 1

We gathered together at the venue which was when I first met my groupmates from group 8

  • ChaeYoung (Klara) Kim [KR]

  • Hao-Kai Chang (a.k.a. Unicorn) [TW]

  • Thai Son Dinh [VN]

  • Marc Luchian [RO]

I got to know that Klara does some web hacking and threat assessment, Son and Unicorn does reverse engineering and Marc does pwn. There were 4 group work projects :

  • Quantum Security

  • SSO Tracker

  • Robot Security

  • AI-based ICS Incident Investigation System

Day 1 featured Introduction to Threat Modelling Class taught by trainer Donavan Cheah. In this class, we learned about Threat Modelling principles, using STRIDE-LM framework in Threat Modelling as well as hands-on work using threat modelling tool OWASP Threat Dragon.

Right after that, we had a class on Writing a Code Sanitizer by Mikihito Matsuura. We experienced adding tweaks to a small compiler called chibicc, how an actual compiler works and also creating our own security protections to functions like malloc() and free().

Day 2

The second day featured an intense 8 hour class on Reverse Engineering Malware Written in C++ with IDA and Semi-Automated Scripts by Hiroshi Suzuki & Naoki Takayama. This session taught us how to use IDA to reverse engineer a sample malware by identifying classes, inheritance, vftables and strings in the binary. The session was ended off with a mini CTF competition where the participants looked for flags in a malware sample.

Day 3

Day 3 kicked off with a session about Deep-dive in OT security and attacks by trainers Vic Huang & Sol Yang. This session covered what Operational Technology (OT) security is about, the components that make up Industrial Control Systems (ICS) such as SCADA & HMI, some TTPs used by attackers and analysing the Modbus ICS Protocol.

After lunch, we had a session on Detection Engineering with Threat Intelligence: Techniques of consuming and creating threat intelligence for Detection Engineering by Tomohisa Ishikawa whereby he talked about the Basics of Cyber Threat Intelligence, Threat Research and Detection Engineering using SIGMA and YARA.

Day 4

On the last day of training, the first class was about Modern Kernel Exploitation by Cherie-Anne Lee. In this class, the trainer explained about kernel security protections and ways to bypass each security protection. Then, the trainer also showcased some really cool kernel bugs and CTF challenges.

Finally, for our last class we had Introduction to Automotive Cybersecurity & Car Hacking by Kamel Ghali. The agenda for this class included exposing the students to the world of Car Hacking through Bluetooth and a workshop on CAN. What's even more interesting is that the trainer provided us with the hardware setup for the CAN workshop.

Day 5

Day 5 was the last day of GCC25 where each group would have to present their group project to a panel of judges.

Then, all the participants and crew headed off for a city tour in Taipei and a tour around the National Palace Museum.

Finally, the day ended off with an after party which had a karaoke where everyone could sing to their hearts content.

Final thoughts

This was without doubt one of the most fun-filled weeks of my entire life. The week flew by really fast and it felt like just yesterday when we landed in Taiwan and met other people for the first time. I met alot of really cool people who are really passionate in cybersecurity.

I would like to extend my gratitude to all the staff and trainers who took their time to plan the event and training materials for the participants.

Special shout-out to my groupmates from Group 8 for staying up late every night to research and develop our group project. We were constantly sleep-deprived but really enjoyed the moments where we just sat down and chat together.

Also want to shout-out my roommate Eric for being such a cool and friendly guy. He's also a very smart guy who does web hacking and has a few CVEs he found. At the same time, we often talk at night, make jokes together and laugh alot.

Lastly, a big thank you to our sponsors SherpaSec and Cyberwise Inc for sponsoring and selecting me to join GCC25.

I will miss everyone from GCC! I hope our paths will cross again some time in the future ❤️

Photodump

Training Schedule
Self Introduction
From left : Klara, Marc, Kai, me & Son
Groupwork Presentation
Taipei 101