How to solve CTF ☠️ (Capture_the_flags)

kiransethu46

Kiran Sethumadhavan

Posted on October 31, 2021

How to solve CTF ☠️ (Capture_the_flags)

Challenge types

Jeopardy style CTFs challenges are typically divided into categories. I'll try to briefly cover the common ones.

Cryptography - Typically involves decrypting or encrypting a piece of data

Steganography - Tasked with finding information hidden in files or images

Binary - Reverse engineering or exploiting a binary file

Web - Exploiting web pages to find the flag

Pwn - Exploiting a server to find the flag

Where do I start?

If I managed to pique your curiosity, I've compiled a list of resources that helped me get started learning. CTF veterans, feel free to add your own resources in the comments below!

Learning

http://ctfs.github.io/resources/ - Introduction to common CTF techniques such as cryptography, steganography, web exploits (Incomplete)

https://trailofbits.github.io/ctf/forensics/ - Tips and tricks relating to typical CTF challenges/scenarios

https://ctftime.org/writeups - Explanations of solutions to past CTF challenges

Resources

https://ctftime.org - CTF event tracker

https://github.com/apsdehal/awesome-ctf - Comprehensive list of tools and further reading

Tools (That I use often)

binwalk - Analyze and extract files

burp suite - Feature packed web penetration testing framework

stegsolve - Pass various filters over images to look for hidden text

GDB - Binary debugger

The command line :)

Practice

Many of the "official" CTFs hosted by universities and companies are time-limited competitions. There are many CTFs however that are online 24/7 that can be used as practice and learning tools. Here are some that I found to be friendly for beginners.

https://ctflearn.com - A collection of various user-submitted challenges aimed towards newcomers

https://overthewire.org/wargames/ - A series of progressively more difficult pwn-style challenges. (Start with the bandit series)

https://2018game.picoctf.com/ - Yearly time-limited CTF now available to use as practice

Conclusion

CTF is a great hobby for those interested in problem-solving and/or cyber security. The community is always welcoming and it can be a lot of fun tackling challenges with friends.

Thank you for reading!
Happy Hacking ☠️

Listen to my favorite Lofi music Tracks
https://www.youtube.com/watch?v=_C12AC2Cxn8

Ask Cyber Security related question on
https://discourse.heeraj.com/

Join my telegram Group to know about latest Ethical hacking news and tools more than 270 members I have big plans for you .....
Join Now
https://t.me/infosecbugbounty

💖 💪 🙅 🚩
kiransethu46
Kiran Sethumadhavan

Posted on October 31, 2021

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related