Capture the flag (CTF)

n00bs CTF Labs by Infosec Institute

aurelius
March 11, 2015 by
aurelius

n00bs CTF (Capture the Flag) Labs is a web application presented by Infosec Institute. It has 15 mini Capture the Flag challenges intended for beginners and newbies in the information security field or for any average infosec enthusiasts who haven't attended hacker conventions yet.

So what is a CTF? In hacker conventions, CTF or Capture the Flag is a game event which has challenges that vary from exploitation, CrackMes, crypto, forensic, web security, logical games, wireless security, and many more.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

If you just want to have fun and dive in then these challenges are for you.

Each level can be hopped in the navigation bar of the web application where different kinds of challenges are in place which include basic static source code analysis for a page, file analysis, steganography, pcap (packet capture) analysis, and other basic forensics challenges.

Here is a screenshot of the Level 8 page:

As what you can see from the image above, you need to download app.exe and then decompile it.

This exercise is meant as an educational experience - about learning and developing your skills for the greater long term good. But we do want this to be fun, too! For that reason, we are offering cash bounties totaling $1200 for people successfully winning up to three flags and posting helpful write-ups online. (Details provided on the CTF site, accessed through the form below.)

In the meantime, there are many articles you can find in the Resources archives that offer up useful information which will help you advance through each level.

Here are eleven articles somehow related to the challenge:

Wireshark

Checking out Backdoor Shells

Steganalysis: Your X-Ray Vision through Hidden Data

Forensics Investigation: The M57 Jean Case

21 Computer Forensics Tool

OWASP Top 10 Tools and Tactics

Top Links of Tools Compilation for Pentesting, Forensics, Security, and Hacking

Extending Debuggers

Reverse Engineering with Ollydbg

Python for Web application security professionals

Metadata: The Hidden Treasure

Interesting, right? So let's start hacking…

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

 

aurelius
aurelius

aurelius is the creator of n00bs CTF Labs, bug bounty hunter, security researcher at Infosec Institute and an application security analyst. He loves playing games and watching movies aside from hacking.