In Capture the Flag events, cyber security experts try to capture the flag by using the vulnerabilities in system. They have to be quicker than other participants. To do that, they have to find the clues in several sections such as cryptography, reverse engineering, etc.
CTF participants consist of: hackers, cyber security experts, information security research groups, or even students.
We can say that joining a CTF competition could be "useful" for you to start work and research in information & cyber security fields.
CTFs are usually done in groups.
There are two kind of CTF.
- Jeopardy
- Attack & Defence
Jeopardy
In this kind of CTF, the participants try to capture the flag step by step by answering correctly to the given security questions. Each questiıon has different difficulty level and score. You can't skip to other question without answering the current one.
Attack & Defence
In this kind of CTF, one group is attacking while other group is defencing. One group is trying to find vulnerability for penetrating into system while other group is trying to fix all these vulnerabilities.
Typical CTF Features
- They are generally performed within Hacking conferences.
- Done in groups (local or remote)
- It's an advantage having people with different type of speciality.
- Work sharing as a team is important.
Categories
- Web
- Mobile
- Crypto
- Forensics
- Network
- Exploiting
- Reversing
- Steganography
- Binary analysis
- Mobile
Qualification expected from participants are: finding vulnerabilities, developing exploits, ability of teamwork. Group members ought to have knowledge of at least from one of them or ideally all of them to be successful.
Information Gathering
- Port Scan and IPS Bypass
- Network Analysis & Attack
- Penetrate into Wireless Network and Crack WPA/WPA2
- Packet Analysis
- Attacks on TCP/IP Layer
- Brute Force, Password Attacks, and Wordlists
- DNS Attacks
- Developing and Using Exploits
- Vulnerability Discovery
- Firewall, IDS, IPS, and WAF Bypass
- Develop needed toolkit within the process
What Do We Get?
- Team Spirit, Teamwork, and Work Sharing
- Solution Oriented and Faster Decision-Making Skills
- Strategic Perspective
- Hacking Experience
- Security Information for Attack and Defence
- Competition Experience
- Improving Yourself and Learning New Stuff About Hacking
- Ability of Thinking Just Like a Real Hacker in Possible Situation
- Teach Us Something About Vulnerabilities, Hacking, and Security.
How to Prepare Yourself for CTF?
- You can get some experience by solving previous competitions' questions.
- You have to be expert in at least one topic that you can see on the competition.
- You can prepare yourself to possible scenarios by analyzing the methods applied in CTF competitions and how they prepared
- Besides topic that you've already become expert, try to learn a couple things about other topics too.
- You should adapt yourself into team spirit.
CTF participants consist of: hackers, cyber security experts, information security research groups, or even students.
We can say that joining a CTF competition could be "useful" for you to start work and research in information & cyber security fields.
CTFs are usually done in groups.
There are two kind of CTF.
- Jeopardy
- Attack & Defence
Jeopardy
In this kind of CTF, the participants try to capture the flag step by step by answering correctly to the given security questions. Each questiıon has different difficulty level and score. You can't skip to other question without answering the current one.
Attack & Defence
In this kind of CTF, one group is attacking while other group is defencing. One group is trying to find vulnerability for penetrating into system while other group is trying to fix all these vulnerabilities.
Typical CTF Features
- They are generally performed within Hacking conferences.
- Done in groups (local or remote)
- It's an advantage having people with different type of speciality.
- Work sharing as a team is important.
Categories
- Web
- Mobile
- Crypto
- Forensics
- Network
- Exploiting
- Reversing
- Steganography
- Binary analysis
- Mobile
Qualification expected from participants are: finding vulnerabilities, developing exploits, ability of teamwork. Group members ought to have knowledge of at least from one of them or ideally all of them to be successful.
Information Gathering
- Port Scan and IPS Bypass
- Network Analysis & Attack
- Penetrate into Wireless Network and Crack WPA/WPA2
- Packet Analysis
- Attacks on TCP/IP Layer
- Brute Force, Password Attacks, and Wordlists
- DNS Attacks
- Developing and Using Exploits
- Vulnerability Discovery
- Firewall, IDS, IPS, and WAF Bypass
- Develop needed toolkit within the process
What Do We Get?
- Team Spirit, Teamwork, and Work Sharing
- Solution Oriented and Faster Decision-Making Skills
- Strategic Perspective
- Hacking Experience
- Security Information for Attack and Defence
- Competition Experience
- Improving Yourself and Learning New Stuff About Hacking
- Ability of Thinking Just Like a Real Hacker in Possible Situation
- Teach Us Something About Vulnerabilities, Hacking, and Security.
How to Prepare Yourself for CTF?
- You can get some experience by solving previous competitions' questions.
- You have to be expert in at least one topic that you can see on the competition.
- You can prepare yourself to possible scenarios by analyzing the methods applied in CTF competitions and how they prepared
- Besides topic that you've already become expert, try to learn a couple things about other topics too.
- You should adapt yourself into team spirit.
Kod:
Original: https://www.turkhackteam.org/capture-flag/1765314-capture-flag-ctf-nedir.html
Translator: R4V3N