CTF — CAPTURE THE FLAG

Introduction

CTF is a cybersecurity war game. Here the participants exhibit, learn and develop their hacking skills.

There are two major types of CTF:

1. Jeopardy
2. Attack — Defense

I’m more of a Jeopardy CTF player. I have been playing Jeopardy type of CTFs for more than 2 years now. So, let me explain the Jeopardy-style of CTF.

CTFs are conducted both onsite and online mode.

JEOPARDY

This style involves challenges based on categories. The categories are as follows:

1. OSINT — Open Source Intelligence
2. Cryptography
3. Web Exploitation
4. Forensics and Steganography
5. Binary Exploitation (PWN)
6. Reverse Engineering
7. Miscellaneous
8. Hardware (On-site CTFs)

These are the categories, I have come across in my CTF journey.

How to learn/prepare for CTF?

1. Know what you know

Example: If you are good with computer memory allocation and assembly languages you can explore Reverse Engineering and PWN.

2. Experience is the Greatest Teacher

As you take part in more and more CTFs you will face different types of challenges and get familiarized with techniques and tools.

3. Find answers

If you don’t know how to solve a certain challenge, you must read the write up after the CTF ends.

4. Team UP

Your teammates and you are supposed to be good at various categories to win.

5. Never Give UP

Sometimes the CTFs break you down, You must not give up!

The more you break, the stronger you emerge.

6. Keep Learning

Always learn new techniques, concepts and tools. Be updated with the latest threats.

Resource

The following channels are what I refer to quite often.

1. Live Overflow
2. John Hammond

3. Pwn Functions

If you like reading bi0s-wiki is a good place to start learning.

Practice

1. Pico CTF
2. Hack The Box — Challenges
3. Try Hack Me
4. CryptoHack
5. BTLO — Blue Team Labs

Upcoming CTFs and Writeups for retired CTFs can be found in CTFTIME