CTF Practice

Last year, at BSidesSLC, there was a capture-the-flag (CTF) contest.  Having neither practiced nor ever done one before, I was hesitant to enter.  However, 74rku5 invited me to try anyway.  Even having started 4 hours late, my efforts were awarded with third place and a Bash Bunny.  Very fun toy.  It does some amazingly cool things.  There’s even a github repo for all the payloads.

This year, I’m practicing to try and get ready for it ahead of time.  To do this, I’m working through some challenges from https://www.hackthis.co.uk/.  Their challenges in many cases feel similar to the ones at last year’s CTF.  Going through the challenges is entertaining… sometimes it’s incredibly frustrating, but getting the answer correct is quite rewarding.  Another great site for this is https://www.hackthissite.org/.

If you’re interested in CTF, you might want to take a look at those sites.  As you go through challenges, you’ll find useful tools online.  As you do that, bookmark the tools you’ve found most useful.  ASCII tables, different types of converters, and other tools that help you solve the challenges can be useful in a CTF contest.  Try it out!