WARMUP 5 min

CTF Rules & Strategy

A Capture The Flag (CTF) competition is a cybersecurity challenge where participants find hidden "flags" (strings like flag{...}) by solving security puzzles. CTFs test every skill you've learned: recon, web exploitation, cryptography, forensics, and more.

FLAG FORMAT
Usually flag{...} or CTF{...}
CATEGORIES
Web, Crypto, Forensics, OSINT, Reversing, Pwn
STRATEGY
Start with recon, then exploit, capture, repeat
Key rule: Never attack the infrastructure. Only target the challenge services. Flag sharing = disqualification.
CORE 45 min
Web Exploitation Challenges

Common web CTF challenges test your ability to find hidden endpoints, manipulate requests, and exploit OWASP vulnerabilities.

# Common techniques
curl -X POST http://target.com/login -d "username=admin&password[]="
curl -H "X-Forwarded-For: 127.0.0.1" http://target.com/admin
curl http://target.com/robots.txt # Check for hidden paths
Pro tip: Check cookies, response headers, and HTML comments. Flags are often hidden in unexpected places.
Cryptography Challenges

Crypto challenges require you to break or reverse custom encryption schemes. Start by identifying the cipher type from the output format.

Base64
Often ends with = or == padding, though the padding can be absent. Decode with base64 -d.
Hex
Only 0-9 and a-f. Use xxd -r -p to decode.
ROT/Caesar
Try rot13 or brute-force all 25 shifts.
Vigenère
Find key length with Kasiski examination, then frequency analysis.
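The triage described above (identify the encoding from the output format, then decode) can be scripted. This is an added example, not code from the original lesson: the function names are hypothetical, the first sample input is the Base64 string from the mock CTF on this page, and the other two samples are constructed. Vigenère is left out because it needs key recovery rather than format detection.

```python
import base64
import binascii
import re
import string

FLAG_RE = re.compile(r"(?:flag|CTF)\{[^}]*\}", re.IGNORECASE)  # flag formats named on the page
B64_RE = re.compile(r"[A-Za-z0-9+/]+={0,2}")
HEX_RE = re.compile(r"(?:[0-9a-fA-F]{2})+")


def rot(text, shift):
    """Caesar-shift ASCII letters by `shift`; other characters pass through."""
    lower, upper = string.ascii_lowercase, string.ascii_uppercase
    table = str.maketrans(lower + upper,
                          lower[shift:] + lower[:shift] + upper[shift:] + upper[:shift])
    return text.translate(table)


def candidates(blob):
    """Yield (label, decoded_text) for each encoding the blob could plausibly be."""
    blob = blob.strip()
    if HEX_RE.fullmatch(blob):  # checked first: hex digits are also Base64 characters
        yield "hex", bytes.fromhex(blob).decode("utf-8", "replace")
    if B64_RE.fullmatch(blob):
        padded = blob + "=" * (-len(blob) % 4)  # unpadded Base64 is common; restore '='
        try:
            yield "base64", base64.b64decode(padded, validate=True).decode("utf-8", "replace")
        except (binascii.Error, ValueError):
            pass  # right alphabet, wrong length or padding: not Base64 after all
    for shift in range(1, 26):  # all 25 non-trivial Caesar shifts
        yield f"rot{shift}", rot(blob, shift)


def find_flag(blob):
    """Return (label, flag) for the first decoding that contains a flag, else None."""
    for label, text in candidates(blob):
        match = FLAG_RE.search(text)
        if match:
            return label, match.group(0)
    return None


if __name__ == "__main__":
    # First input is the Base64 string from the page; the other two are constructed samples.
    for sample in ("ZmxhZ3tzMW1wbDMtY3RmITB9", "666c61677b6865787d", "synt{ebg13}"):
        print(sample, "->", find_flag(sample))
```

Hex is tested before Base64 because a hex string uses only characters that are also valid Base64, so the order of checks decides which decoding wins.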
Forensics Challenges

Forensics challenges give you a file (an image, pcap, memory dump, or disk image) and you must find the flag hidden within.

strings suspicious_file.bin | grep -i flag
binwalk -e firmware.bin # Extract embedded files
steghide extract -sf image.jpg # Steganography
wireshark capture.pcap # Analyse network traffic
Pro tip: Always run file and strings on an unknown file first. Check the file's metadata and trailing bytes.
MINI CHALLENGE 15 min
Solve a Sample CTF Challenge

You've found a file called challenge.bin. Running file on it says "PNG image data". The image looks like a blank white square, but you suspect steganography.

$ file challenge.bin
challenge.bin: PNG image data, 400 x 400, 8-bit/color RGBA
$ strings challenge.bin | grep -i flag
flag{st3g0_1s_fun}
$ steghide extract -sf challenge.bin
Enter passphrase: (no password; just hit enter)
wrote extracted data to "hidden.txt".

What was the flag hidden in the file's strings? Try it yourself using any PNG file.

MAIN PROJECT 4 hours
Complete a Mock CTF

Follow this scenario to complete your mock CTF. Document each step and the flag you find.

1. Reconnaissance

Scan the target 10.10.10.5 with Nmap. Which ports are open?

2. Web Exploitation

Port 80 hosts a login page. Try SQL injection: admin' OR '1'='1

3. Cryptography

You find a Base64 string: ZmxhZ3tzMW1wbDMtY3RmITB9. Decode it.

4. Capture the Flag

Combine all your findings. Submit the final flag.

QUIZ 15 min
Level 3 Comprehensive Review

1. What Nmap flag performs a stealth SYN scan?

-sT
-sS
-sP

2. Which OWASP vulnerability injects scripts into web page output?

SQL Injection
XSS
CSRF

3. What is the main difference between encryption and hashing?

Encryption is reversible; hashing is one-way
Hashing uses keys; encryption does not
They are the same thing

4. What CVSS score range indicates a Critical vulnerability?

7.0–8.9
9.0–10.0
0–3.9

5. In a CTF, what tool would you use to extract hidden data from an image?

Nmap
Nikto
Steghide