Jump to content

CTF Ressources


Florian

Recommended Posts

Hi Choombas

I have read many of you have done CTF Stuff. 

What can you recommend? Sure Many will say Hacktheboy or tryhackme but if this, which rooms you recommend. 

Which other Ressources you know? Do you know CTF Style Cloud stuff or e.g. Hardware or API stuff or what ever you know.

 

Post it here

Cheers Florian

Link to comment
Share on other sites

Does one need to take any prior steps in securing their environment before you try connecting to servers as such for CTFs? Also, overthewire looks pretty fun and straightforward for a start indeed.

Edited by ek1n
Link to comment
Share on other sites

 

41 minutes ago, ek1n said:

Does one need to take any prior steps in securing their environment before you try connecting to servers as such for CTFs? Also, overthewire looks pretty fun and straightforward for a start indeed.

I use Kali in a VM, solely for CTF and bug hunting then when that install gets too messy, I delete it and start fresh. That's good enough for me.

I remember I got seriously stuck on a challenge once because a VPN service I use was blocking an exploit I needed to use for some reason.

Edited by zme
  • Like 3
Link to comment
Share on other sites

20 minutes ago, zme said:

 

I use Kali in a VM, solely for CTF and bug hunting then when that install gets too messy, I delete it and start fresh. That's good enough for me.

I remember I got seriously stuck on a challenge once because a VPN service I use was blocking an exploit I needed to use for some reason.

If you like Kali you might like Parrot, worth checking out imo. its my goto for CTFs

  • Like 5
Link to comment
Share on other sites

2 hours ago, Florian said:

i also mostly use kali or even just a Windows machine with ssh in VM's

from time to time just reinstall and start from "scratch"

@ChickenKing whats the difference between kali and parrot? 

Tools-wise they’re pretty similar but from a high level parrot can run on lesser hardware (not that Kali is hardware intensive), but it overall gives parrot better performance from my experience. It’s also more suited as a daily driver since it’s a distribution based on the desktop Parrot OS which can be used as a daily driver, so it feels a lot more user friendly and intuitive from a GUI perspective. 
 

can’t really go wrong with either but from a look and feel perspective my vote goes to Parrot

  • Like 2
  • Thanks 1
Link to comment
Share on other sites

14 hours ago, fivesam said:

I'll break the ice with the one I think is step 0 for anyone interested in starting with CTFs: overthewire

I love OTW and spend a lot of time on there helping out.

Some interesting other ctf sites:

websec.fr

pwnable.kr

exploit.education (downloadable, not online)

  • Like 2
Link to comment
Share on other sites

Honestly, I find the flare-on yearly CTF to be really great. This years actually ends today but they have all of the previous years challenges along with writeups available on GitHub. The challenges are all reverse engineering, I didnt make it all the way through this years challenges, got stuck on number 8 of 11 but I really enjoyed the feel of the challenges compared to some other CTF competitions. I do happen to enjoy RE a lot more than some of the other categories typically in CTF competitions which is partially why I enjoy flare so much but I would definitely recommend it if youre looking to get into RE.

Link to comment
Share on other sites

I forgot to drop the list earlier, I just remember it today. Here are some of my bookmarks --

1. picoCTF
2. Cyber Threat Defender by University of Texas
3. Let’s Defend
4. TryHackMe
5. HackTheBox Academy
6. Immmersive Lab
7. RangeForce
8. Security Blue Team
9. CyberDefenders
10. OverTheWire
11. UnderTheWire
12. eLearnSecurity/INE
13. Duskers
14. TIS-100
15. ThreatGen Red vs. Blue
16. Spudnet Board Game
17. Cybersecurity Games by CISA
18. Elk
19. Hack the Box
20. Nite Team 4
21. Backdoors and Breaches by Black Hills
22. Cyber Range by Black Hills
23. HackerOne’s CTF
24. NINJIO
25. Targeted Attack Trendmicro
26. Hacknet on Stream
27. Uplink
28. Splunk Boss of the SOC

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...