Capture The Flag (CTF) Challenges.



Capture The Flag (CTF) Challenges.


CTF Challenge is a kind of hackthon that mainly assaying the practical and logical skills of Ethical Hacking. It consists of a series of challenges that vary in their degree of difficulty, and that require participants to exercise different skill sets to solve. Once an individual challenge is solved, a “flag” is given to the player to earn points. Players can be individuals who attempt the various challenges by themselves, or they can work with others to attempt to score the highest number of points as a team competitively.

There are two main types of CTF challenges.
  • Jeopardy-Style CTFs
  • Attack-Defence CTFs
Jeopardy-Style CTFs consist of completing different challenges from a board range of categories in order to earn points/flags in a limited time. They preserve a leader board usually to figure out the winner of the entire competition. Some of the challenges are based on a story line like a murder or a crime.

Attack-Defense CTFs consist of two teams, one team who defense a network or server, and another who attacks it. Most probably they this type CTFs are knock out because of the large number of competitors. Depending on the nature of the particular CTF game, teams may either be attempting to take an opponent’s flag from their machine or teams may be attempting to plant their own flag on their opponent’s machine.

Every challenge is a combination of multiple domains in information/cyber-security:
  • Penetration testing
  • Cryptography
  • Steganography
  • Computer Forensics
  • Wireless Penetration
  • Programming
  • Reverse engineering
  • Exploitation
  • Traditional attacks such as xSS, SQL Injections etc. & many more…


Sri Lanka has two popular annual CTF Challenges that organized by two cyber security degree holders for inter-university students. CyberFest is organized by the NationalInstitute of Business Management (NIBM). And the other one, CodeFest CTF Challenge is organized by the Sri Lanka Institute of InformationTechnology(SLIIT). Both of them are Jeopardy-Style CTF Challenges. Most of the university students of Sri Lanka those who reads Computer Science major, compete for those challenges as three or four people teams.

I have already participated for the CodeFest CTF challenge and Cyberfest last year(2018) with my team. Our team '7R4C3R' won merit certificate in the Codefest CTF challenge.

Cyberfest at NIBM -2018


Codefest CTF Challenge @SLIIT - 2018

CTF Challenges are organized to improve the practical knowledge of the Cyber-Security and Information Security and the skills of Ethical Hacking. You only have to know the technologies that linked up with them. Basic knowledge of networking and virtualization also needed for these competitions. If you are a beginner or an expert in information/cyber security competing for a CTF Challenge will be a very exiting and an enjoyable experience for your career.

References :-


-Asela Kotagama


Comments

  1. We can now add the DSICTS CTF challenge https://dsicts.com/ctf-writeup?level=hard as Sri Lanka's first Capture the Flag hacking competition organized by a school and also Sri Lanaka's third CTF compeition.

    ReplyDelete

Post a Comment

Popular posts from this blog

An Overview of Sri Lanka's Multilingual Heritage

MS SQL Server with AWS RDS - Connect your local Relational Database to Cloud

Team Building activities to improve Motivation