Florian Posted November 8, 2022 Share Posted November 8, 2022 Hi Choombas I have read many of you have done CTF Stuff. What can you recommend? Sure Many will say Hacktheboy or tryhackme but if this, which rooms you recommend. Which other Ressources you know? Do you know CTF Style Cloud stuff or e.g. Hardware or API stuff or what ever you know. Post it here Cheers Florian Link to comment Share on other sites More sharing options...
fivesam Posted November 8, 2022 Share Posted November 8, 2022 I'll break the ice with the one I think is step 0 for anyone interested in starting with CTFs: overthewire 4 Link to comment Share on other sites More sharing options...
ek1n Posted November 8, 2022 Share Posted November 8, 2022 (edited) Does one need to take any prior steps in securing their environment before you try connecting to servers as such for CTFs? Also, overthewire looks pretty fun and straightforward for a start indeed. Edited November 8, 2022 by ek1n Link to comment Share on other sites More sharing options...
zme Posted November 9, 2022 Share Posted November 9, 2022 (edited) 41 minutes ago, ek1n said: Does one need to take any prior steps in securing their environment before you try connecting to servers as such for CTFs? Also, overthewire looks pretty fun and straightforward for a start indeed. I use Kali in a VM, solely for CTF and bug hunting then when that install gets too messy, I delete it and start fresh. That's good enough for me. I remember I got seriously stuck on a challenge once because a VPN service I use was blocking an exploit I needed to use for some reason. Edited November 9, 2022 by zme 3 Link to comment Share on other sites More sharing options...
ChickenKing Posted November 9, 2022 Share Posted November 9, 2022 20 minutes ago, zme said: I use Kali in a VM, solely for CTF and bug hunting then when that install gets too messy, I delete it and start fresh. That's good enough for me. I remember I got seriously stuck on a challenge once because a VPN service I use was blocking an exploit I needed to use for some reason. If you like Kali you might like Parrot, worth checking out imo. its my goto for CTFs 5 Link to comment Share on other sites More sharing options...
Florian Posted November 9, 2022 Author Share Posted November 9, 2022 i also mostly use kali or even just a Windows machine with ssh in VM's from time to time just reinstall and start from "scratch" @ChickenKing whats the difference between kali and parrot? Link to comment Share on other sites More sharing options...
ChickenKing Posted November 9, 2022 Share Posted November 9, 2022 2 hours ago, Florian said: i also mostly use kali or even just a Windows machine with ssh in VM's from time to time just reinstall and start from "scratch" @ChickenKing whats the difference between kali and parrot? Tools-wise they’re pretty similar but from a high level parrot can run on lesser hardware (not that Kali is hardware intensive), but it overall gives parrot better performance from my experience. It’s also more suited as a daily driver since it’s a distribution based on the desktop Parrot OS which can be used as a daily driver, so it feels a lot more user friendly and intuitive from a GUI perspective. can’t really go wrong with either but from a look and feel perspective my vote goes to Parrot 2 1 Link to comment Share on other sites More sharing options...
gilmx Posted November 9, 2022 Share Posted November 9, 2022 14 hours ago, fivesam said: I'll break the ice with the one I think is step 0 for anyone interested in starting with CTFs: overthewire I love OTW and spend a lot of time on there helping out. Some interesting other ctf sites: websec.fr pwnable.kr exploit.education (downloadable, not online) 2 Link to comment Share on other sites More sharing options...
zme Posted November 9, 2022 Share Posted November 9, 2022 (edited) This list on github: https://github.com/apsdehal/awesome-ctf contains a sizeable amount of resources. Also, it is good fun to work through the exploit writing tutorials on https://www.corelan.be/index.php/articles/ although, they are quite dated now. Edited November 9, 2022 by zme 1 Link to comment Share on other sites More sharing options...
TJameson00 Posted November 11, 2022 Share Posted November 11, 2022 Honestly, I find the flare-on yearly CTF to be really great. This years actually ends today but they have all of the previous years challenges along with writeups available on GitHub. The challenges are all reverse engineering, I didnt make it all the way through this years challenges, got stuck on number 8 of 11 but I really enjoyed the feel of the challenges compared to some other CTF competitions. I do happen to enjoy RE a lot more than some of the other categories typically in CTF competitions which is partially why I enjoy flare so much but I would definitely recommend it if youre looking to get into RE. Link to comment Share on other sites More sharing options...
DrDisexon Posted November 18, 2022 Share Posted November 18, 2022 I forgot to drop the list earlier, I just remember it today. Here are some of my bookmarks -- 1. picoCTF 2. Cyber Threat Defender by University of Texas 3. Let’s Defend 4. TryHackMe 5. HackTheBox Academy 6. Immmersive Lab 7. RangeForce 8. Security Blue Team 9. CyberDefenders 10. OverTheWire 11. UnderTheWire 12. eLearnSecurity/INE 13. Duskers 14. TIS-100 15. ThreatGen Red vs. Blue 16. Spudnet Board Game 17. Cybersecurity Games by CISA 18. Elk 19. Hack the Box 20. Nite Team 4 21. Backdoors and Breaches by Black Hills 22. Cyber Range by Black Hills 23. HackerOne’s CTF 24. NINJIO 25. Targeted Attack Trendmicro 26. Hacknet on Stream 27. Uplink 28. Splunk Boss of the SOC 1 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now