How to solve CTF ☠️ (Capture_the_flags)
Kiran Sethumadhavan
Posted on October 31, 2021
Challenge types
Jeopardy style CTFs challenges are typically divided into categories. I'll try to briefly cover the common ones.
Cryptography - Typically involves decrypting or encrypting a piece of data
Steganography - Tasked with finding information hidden in files or images
Binary - Reverse engineering or exploiting a binary file
Web - Exploiting web pages to find the flag
Pwn - Exploiting a server to find the flag
Where do I start?
If I managed to pique your curiosity, I've compiled a list of resources that helped me get started learning. CTF veterans, feel free to add your own resources in the comments below!
Learning
http://ctfs.github.io/resources/ - Introduction to common CTF techniques such as cryptography, steganography, web exploits (Incomplete)
https://trailofbits.github.io/ctf/forensics/ - Tips and tricks relating to typical CTF challenges/scenarios
https://ctftime.org/writeups - Explanations of solutions to past CTF challenges
Resources
https://ctftime.org - CTF event tracker
https://github.com/apsdehal/awesome-ctf - Comprehensive list of tools and further reading
Tools (That I use often)
binwalk - Analyze and extract files
burp suite - Feature packed web penetration testing framework
stegsolve - Pass various filters over images to look for hidden text
GDB - Binary debugger
The command line :)
Practice
Many of the "official" CTFs hosted by universities and companies are time-limited competitions. There are many CTFs however that are online 24/7 that can be used as practice and learning tools. Here are some that I found to be friendly for beginners.
https://ctflearn.com - A collection of various user-submitted challenges aimed towards newcomers
https://overthewire.org/wargames/ - A series of progressively more difficult pwn-style challenges. (Start with the bandit series)
https://2018game.picoctf.com/ - Yearly time-limited CTF now available to use as practice
Conclusion
CTF is a great hobby for those interested in problem-solving and/or cyber security. The community is always welcoming and it can be a lot of fun tackling challenges with friends.
Thank you for reading!
Happy Hacking ☠️
Listen to my favorite Lofi music Tracks
https://www.youtube.com/watch?v=_C12AC2Cxn8
Ask Cyber Security related question on
https://discourse.heeraj.com/
Join my telegram Group to know about latest Ethical hacking news and tools more than 270 members I have big plans for you .....
Join Now
https://t.me/infosecbugbounty
Posted on October 31, 2021
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.