
CTF (Capture The Flag) Getting Started Guide

A beginner's guide to CTF competitions - the gamified way to learn cybersecurity.


🎮 What is CTF?

Capture The Flag (CTF) competitions are cybersecurity challenges where you solve puzzles to find hidden "flags" - typically strings like flag{y0u_f0und_1t!}.

Why Play CTFs?

  • 🎯 Learn security concepts hands-on
  • 🏆 Build demonstrable skills
  • 👥 Join a community
  • 📝 Great for resume/portfolio
  • 💰 Win prizes (sometimes significant)

🎯 CTF Categories

Jeopardy-Style (Most Common)

Choose challenges from categories, earn points for each flag found.

| Category | What You'll Learn |
|---|---|
| Web | SQL injection, XSS, authentication bypasses |
| Crypto | Encryption/decryption, cipher attacks |
| Pwn/Binary | Buffer overflows, exploitation |
| Reverse Engineering | Disassembly, malware analysis |
| Forensics | File analysis, memory dumps, logs |
| Misc | Programming, OSINT, trivia |
| Steganography | Hidden data in images/files |

Attack-Defense

Teams defend their own servers while attacking others.

King of the Hill

Compete to maintain control of a system.


🚀 Getting Started

Step 1: Set Up Your Environment

Minimum Setup:

  • Linux VM (Kali or Parrot)
  • Web browser with developer tools
  • Text editor (VS Code, Sublime)

Install Essential Tools:

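```bash
# Refresh package lists, then install the core tools
sudo apt update
sudo apt install -y \
    python3 python3-pip python3-venv \
    netcat-traditional \
    nmap \
    john \
    hashcat \
    binwalk \
    steghide \
    exiftool \
    ghidra \
    gdb

# Python libraries
# Recent Kali/Debian releases block system-wide pip installs (PEP 668),
# so install into a virtual environment.
python3 -m venv ~/ctf-venv
. ~/ctf-venv/bin/activate
pip3 install pwntools requests beautifulsoup4 pycryptodome
```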

Step 2: Practice on Beginner Platforms

| Platform | Difficulty | Best For |
|---|---|---|
| PicoCTF | ⭐ Easy | Absolute beginners |
| OverTheWire | ⭐⭐ | Linux/scripting |
| TryHackMe CTF Rooms | ⭐⭐ | Guided examples |
| CryptoHack | ⭐⭐ | Cryptography |
| pwn.college | ⭐⭐⭐ | Binary exploitation |
| HackTheBox Challenges | ⭐⭐⭐ | All categories |

Step 3: Join Your First Competition

Beginner-Friendly CTFs:

  • PicoCTF (annual, free, beginner)
  • NahamCon CTF
  • DiceCTF
  • San Diego CTF (SDCTF)

Find Competitions:


📚 Category-Specific Guides

Web Exploitation

Common Vulnerabilities:

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Server-Side Template Injection (SSTI)
  • Local/Remote File Inclusion (LFI/RFI)
  • Authentication bypasses
  • IDOR (Insecure Direct Object Reference)

Tools:

| Tool | Purpose |
|---|---|
| Burp Suite | HTTP proxy and manipulation |
| Browser DevTools | Inspect source, network, storage |
| SQLMap | Automated SQL injection |
| curl | HTTP requests from command line |

Learning Path:

  1. Complete PortSwigger Web Security Academy
  2. Solve OWASP WebGoat
  3. Practice on TryHackMe Web rooms

Cryptography

Common Topics:

  • Classical ciphers (Caesar, Vigenère, substitution)
  • RSA attacks (small e, common modulus)
  • AES/block cipher attacks
  • Hash cracking
  • XOR operations

Tools:

| Tool | Purpose |
|---|---|
| CyberChef | Data transformation swiss army knife |
| dCode | Cipher identification and cracking |
| RsaCtfTool | RSA attacks |
| Python + pycryptodome | Custom scripts |

Learning Path:

  1. Complete CryptoHack
  2. Khan Academy cryptography
  3. "Crypto 101" PDF

Binary Exploitation (Pwn)

Common Techniques:

  • Buffer overflows
  • Return-oriented programming (ROP)
  • Format string attacks
  • Heap exploitation
  • Shellcode writing

Tools:

| Tool | Purpose |
|---|---|
| gdb + pwndbg/gef | Debugging |
| pwntools | Exploit development |
| Ghidra/IDA | Disassembly |
| checksec | Binary protections |
| ROPgadget | ROP chain building |

Learning Path:

  1. OverTheWire Narnia
  2. pwn.college
  3. nightmare binary reverse engineering

Reverse Engineering

What You'll Analyze:

  • ELF binaries (Linux)
  • PE files (Windows)
  • Android APKs
  • Obfuscated code

Tools:

| Tool | Purpose |
|---|---|
| Ghidra | Free disassembler/decompiler |
| IDA Free | Industry standard |
| radare2/Cutter | Open source framework |
| strings | Quick string extraction |
| ltrace/strace | Runtime tracing |

Learning Path:

  1. Reverse simple crackmes
  2. challenges.re
  3. crackmes.one

Forensics

Common Tasks:

  • File carving and recovery
  • Memory analysis
  • Network packet analysis
  • Steganography detection
  • Log analysis

Tools:

| Tool | Purpose |
|---|---|
| binwalk | Firmware/file extraction |
| Volatility | Memory forensics |
| Wireshark | Packet analysis |
| Autopsy | Disk forensics |
| exiftool | Metadata extraction |
| steghide | Steganography |

Learning Path:

  1. DFIR Diva challenges
  2. CTF forensics challenges
  3. MemLabs

🧰 CTF Toolkit Cheat Sheet

Quick References

```bash
# Strings from binary
strings -n 8 challenge | grep -i flag

# File type identification
file mystery_file

# Hex dump
xxd file | head -50

# Extract hidden files
binwalk --extract file

# Check image for hidden data
steghide extract -sf image.jpg
exiftool image.jpg
zsteg image.png  # PNG specific

# Base64 decode
echo "ZmxhZ3t0ZXN0fQ==" | base64 -d

# Hex to ASCII
echo "666c6167" | xxd -r -p

# Quick web requests
curl -s http://target/page
curl -X POST -d "param=value" http://target

# Netcat connection
nc target 1337
```

Python One-Liners

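```python
# XOR with single byte
data = bytes.fromhex("242e2325")  # constructed sample: b"flag" XOR 0x42
print(bytes([b ^ 0x42 for b in data]))

# Frequency analysis
from collections import Counter
ciphertext = b"uryyb jbeyq"  # constructed sample; replace with challenge data
print(Counter(ciphertext).most_common(3))

# Quick socket connection (requires pwntools)
from pwn import *
r = remote('host', 1234)  # placeholder host and port
r.sendline(b'payload')
print(r.recv())
r.close()
```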
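The single-byte XOR one-liner above assumes the key (0x42) is already known. The following added example, which is not part of the original guide, generalizes it: it tries all 256 keys, accepts any that reveal the `flag{` prefix, and otherwise ranks candidates by how English-like the output is. The function names and the scoring set are assumptions made for this illustration.

```python
FLAG_PREFIX = b"flag{"           # flag format shown in this guide; events differ
COMMON = set(b"etaoin shrdlu")   # frequent English characters, used for scoring


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of data with one key byte."""
    return bytes(b ^ key for b in data)


def english_score(buf: bytes) -> int:
    """Count bytes that are common English characters."""
    return sum(b in COMMON for b in buf)


def recover_single_byte_key(ciphertext: bytes, known: bytes = FLAG_PREFIX):
    """Return [(key, plaintext), ...] with the most likely candidate first.

    Known-plaintext check first: any key whose output contains the flag
    prefix wins outright. If none does, fall back to frequency scoring
    and return the three best-scoring keys.
    """
    trials = [(k, xor_bytes(ciphertext, k)) for k in range(256)]
    hits = [(k, p) for k, p in trials if known in p]
    if hits:
        return hits
    trials.sort(key=lambda kp: english_score(kp[1]), reverse=True)
    return trials[:3]


# Constructed sample: the guide's example flag XORed with 0x42.
SAMPLE = xor_bytes(b"flag{y0u_f0und_1t!}", 0x42)

if __name__ == "__main__":
    for key, plain in recover_single_byte_key(SAMPLE):
        print(hex(key), plain)
```

The frequency fallback needs a reasonably long plaintext to be reliable; on very short inputs, inspect all three returned candidates.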

🏆 CTF Strategy Tips

During Competition

  1. Read challenges carefully - The description often contains hints
  2. Check the easy ones first - Low-point challenges build confidence
  3. Take notes - Document what you try
  4. Collaborate - Teams win CTFs, not individuals
  5. Use hints wisely - Usually worth the point deduction if you're stuck
  6. Don't rabbit hole - Timebox challenges, move on if stuck

Common Patterns

  • Source code comments often contain hints
  • robots.txt and .git directories on web challenges
  • Default credentials (admin:admin, root:toor)
  • Encoded data is usually base64, hex, or rot13
  • If something looks like random text, try frequency analysis
  • Check file magic bytes if file extension seems wrong
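As an added example (not part of the original guide), the sketch below automates the "base64, hex, or rot13" pattern from the list above: it searches breadth-first through chains of those three decoders until the `flag{...}` format appears and reports which layers were applied. The function names and the sample are constructed for this illustration.

```python
import base64
import codecs
import re

FLAG_RE = re.compile(r"flag\{[^}]*\}")  # flag format used in this guide


def try_hex(s):
    try:
        return bytes.fromhex(s.strip()).decode("ascii")
    except ValueError:   # bad hex digits or a non-ASCII result
        return None


def try_base64(s):
    try:
        return base64.b64decode(s.strip(), validate=True).decode("ascii")
    except ValueError:   # binascii.Error and UnicodeDecodeError derive from it
        return None


def try_rot13(s):
    return codecs.decode(s, "rot13")


DECODERS = {"hex": try_hex, "base64": try_base64, "rot13": try_rot13}


def peel(text, max_depth=5):
    """Breadth-first search over decoder chains.

    Returns (flag, [decoder names in the order applied]) or None.
    """
    frontier, seen = [(text, [])], {text}
    for _ in range(max_depth + 1):
        next_frontier = []
        for s, path in frontier:
            match = FLAG_RE.search(s)
            if match:
                return match.group(0), path
            for name, decode in DECODERS.items():
                out = decode(s)
                if out and out not in seen:   # skip failures and loops
                    seen.add(out)
                    next_frontier.append((out, path + [name]))
        frontier = next_frontier
    return None


# Constructed sample: flag -> rot13 -> base64 -> hex
SAMPLE = base64.b64encode(codecs.encode("flag{l4y3rs}", "rot13").encode()).hex()

if __name__ == "__main__":
    print(peel(SAMPLE))
```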

🎓 Building CTF Experience

Beginner Path

  1. Complete PicoCTF (all years)
  2. Finish OverTheWire Bandit, Natas, Narnia
  3. Join 3-5 online CTFs
  4. Read write-ups after each competition

Intermediate Path

  1. Specialize in 1-2 categories
  2. Join a team or create one
  3. Compete regularly (1-2 per month)
  4. Write and publish your own write-ups

Finding Teams

  • CTFtime Teams
  • Discord servers (TryHackMe, HackTheBox)
  • University clubs
  • Local security meetups

📖 Post-CTF Learning

Write-Ups

After each CTF, read write-ups for challenges you couldn't solve:

Creating Write-Ups

Writing your own improves retention:

  1. Document challenge description
  2. Explain your approach
  3. Include code/commands used
  4. Screenshot key steps
  5. Reflect on what you learned

🔗 Essential Resources

| Resource | Description |
|---|---|
| CTFtime | Competition calendar, rankings |
| Trail of Bits CTF Guide | Comprehensive guide |
| CTF101 | Category guides |
| John Hammond | YouTube CTF walkthroughs |
| LiveOverflow | In-depth explanations |
| IppSec | HackTheBox walkthroughs |
