4
Stuxnet
6y

What are some good introductory level CTFs?

I've got a free day tomorrow without any class, so I'm trying to work on something fun but useful.

Comments
  • 7
    I enjoyed Unreal Tournament back in the days.

    (although Im pretty sure you dont mean Capture The Flag but I dont have a clue what else you mean)
  • 1
    @Codex404 No I do mean it lol

    Like what people say are good for learning cyber security
  • 4
    @Codex404 goddamnit you beat me to it, was going to reply "Unreal Tournament 2004's CTF-FaceClassic and CTF-BridgeOfFate", most fun CTF maps ever imho
  • 2
    Lol ok, so I wasn't the only one thinking "Capture the Flag".
  • 3
    @Stuxnet Not really a CTF, but http://overthewire.org/wargames/ is amazing. Many will require Linux systems knowledge, though some follow the application exploit track. Very informative, they will require work to self educate and patience to finish. If you complete all of these you will have a ground level understanding of basic exploits.
  • 4
    @NeedsMoreDivs @Codex404 “Capture the Flag” is the colloquial name for a hacking challenge usually requiring you to obtain a ‘flag’ in the form of a restricted file, database entry, etc.
  • 1
    https://blogs.cisco.com/perspective...

    @NeedsMoreDivs @Codex404 ^^^

    @Diactoros Made me Google it bc I thought I was losing my mind and made this up lmao. But thanks man, I'll take a look.
  • 3
    @Stuxnet oh yeah they’re getting mad organized now. DEFCON and all the spin off conferences do something unique or interesting with them each year. If you’re really interested in infosec generally check out Vulnhub: https://www.vulnhub.com/

    You have to parse through them yourself but hundreds of those are designed for beginners looking to learn. They are most useful if you already know what exploit technique you want to learn (say, code execution via SQL injection)

    If you google around for starting VMs you can find plenty of stuff to sharpen your teeth on.

    Damn Vulnerable Web Application, etc.
  • 2
    @Diactoros awesome thanks man.

    I get to take a few security classes but it might be a while before I can get to them, so I wanted to start learning now.

    I booted up Kali on my Pi (which is helpful since I'm currently taking a class where a large chunk of the material is learning Linux commands and how it works.

    Since I don't have class tomorrow, I'm trying to do something productive and start learning some things that'll be useful
  • 3
    @Diactoros ah. Didn't know that. I just spent a lot of time playing shooting games as a teenager. 😏
  • 2
    @NeedsMoreDivs I used to play ctf outside with a roll of paper towels and a few socks full of flour lol
  • 1
    Overthewire.org is good and they really start at the basics.
    If you think they're too easy, give hackthebox a shot. They do have an entry challenge though.
    Remember, no matter how frustrated you are, never google the solution. That'll only frustrate you more.
  • 1
    @Diactoros That's actually pretty fun lol

    I'm learning a lot of new commands because this is my first week or so of actually using the command line and not GUI (mainly just browsed the internet and watched movies on laptop running mint. Wanted to use it for going to sketchy ass sites).

    Thanks man. I've already done around 7 levels. Gonna try to get to 15 before going to sleep
  • 2
    I liked https://microcorruption.com (if you are interested in embedded stuff)
  • 1
    @Stuxnet Great! I had a classmate introduce me back in the day. I haven’t even finished them, I got into infrastructure / DevOps and migrated out of security stuff. Miss it.
  • 1
    - Overthewire website
    - PicoCTF

    then look up these 2 on YouTube

    1. John Hammond

    Usually posts videos about CTFs with solutions and explanations, I just look at his playlists and see which CTFs there are and go from there, also got a lot of cool Linux/Security stuff)

    And, of course:

    2. LiveOverflow

    This guy is just amazing, he does CTFs, tutorials on basic binary hacking and assembly, researches topics that I'm sure no one knew about them and shares them with us in a very understandable way, you can learn so much from this guy.
  • 1
    @Revenger I've been using OverTheWire when I can, but it's been a few days.

    I think I had seen PicoCTF quite some time ago, but I lost the bookmark or something.

    Im already subbed to LiveOverFlow, but I'll check out John Hammond.

    Thanks
Add Comment