Star (-) Watch (-)

CTF Resources

CTF Resources

This repository aims to be an archive of information, tools, and references regarding CTF competitions.

CTFs, especially for beginners, can be very daunting and almost impossible to approach. With some general overviews of common CTF subjects and more in-depth research and explanation in specific topics both beginners and veterans can learn, contribute, and collaborate to expand their knowledge.

What is a CTF?

CTFs are computer security/hacking competitions which generally consist of participants breaking, investigating, reverse engineering and doing anything they can to reach the end goal, a "flag" which is usually found as a string of text.

DEF CON hosts what is the most widely known and first major CTF, occuring annualy at the hacking conference in Las Vegas. Many different competitions have branched off since then, and numerous ones are available year round. One of the best places to see when CTFs are being scheduled is ctftime, an active website with calendars and team rankings.

Example

A very simple type of CTF challenge consists of looking at the source code of websites or programs to find flags and/or hints. For example, can you find the flag hidden on this page?

Using These Docs

These docs are organized broadly along the lines by which CTF tasks are organized. Inside each folder in the topics section is a README like this one explaining the basics of the technology and what the tasks generally involve. Alongside these READMES are folders with more information regarding specific technologies and topics. Many of these articles link to the tools folder, where more detailed explanations can be found for tehcnologies used throughout CTF competitions.

The best way to use these docs is to participate in an actual CTF! Join a CTF or attempt some old tasks and try to solve them. Use the information in this repository to get you started with finding some flags. If you feel like there is insufficient information to help you solve a task, bring up an issue on this repository and someone can try to clarify it.

Moving On

You may be able to solve some CTF challenges after looking through the documents in this repository and understanding the basics of the technologies and subjects covered, but you won't be very proficient or successful for long. To be an adept CTF competitor you have to be able to combine many different strategies and tools to find the flag. Developing the ability to find flags quickly takes practice more than anything, and participating in numerous CTFs will allow you to expand your understanding and abilities, leading you to success.

Conclusion

Now that you know the basics of CTFs, you can visit ctftime and try out a CTF! Using your background knowledge and the information on this page you'll be able to develop a solid basis in computer security.