Monday, September 13, 2021

Capture The Flag

CTF - How and Why to start?

Cyber Security, a domain which involves lots of learning and practicing. Whether you are an expert or a beginner in cyber security. Basically, The platform where every individual practice and improve their skills and learn new strategies in Cyber Security. The platform is CTF (Capture The Flag).


As it is mentioned in the image. Capture the Flag is a game. Where you will be given some challenges. These challenges are based on Real Time vulnerabilities that are actually present in the real world web applications. After Solving these challenges, we'll be given some points for each challenge. These challenges difficulty levels are based on Player's experience and knowledge about vulnerabilities.

Concept of  Vulnerability:

Vulnerability is a weakness or flaw in the code or we can say a weak point in the code where attacker can take advantage to get the unauthorized access to the system or credentials which is a sensitive data. So, This term vulnerability is more often used by the security professionals to point out a weak code. So, CTF platforms are the best resource to learn about finding the weak points in the code.

Why CTF? 

Now, we've understood about CTF. Let's talk about why we need to play CTF. Well, If you are an expert ,probably you'll know why to play CTF. But, If you are a beginner, then, you should know why you need to play the CTF.

When i came into Cyber Security, I was illiterate. After sometime i came across some CTF platform named Hackthissite. Then i started completing challenges by reading write-ups and watching walkthrough videos in youtube. But today i can solve the challenges on my own and even i published my own write-ups on another platform challenges named CTFlearn. Well, why i'm telling this is just to understand how a CTF will help for beginners.

If you are a beginner who is reading this blog ,have to understand what a CTF can do in your career. 

So, let's talk about some points here:

  • Vulnerability: We already Know what a vulnerability is. But we need to  learn how to find a vulnerability or we can say weak code in the application .Without knowing what kind of vulnerability. We can't hack into the system. For example, In web Application, we have OWASP TOP 10 vulnerabilities. First we need to know what they are and How they will present in the web Application. 
  • Way of approach: After we know what kind of vulnerability it might be. Then we need to find a way to Exploit the vulnerability. This is the most important part. By solving as CTF challenges you can, the more knowledge you get How to exploit a vulnerability. By Playing CTF's, You can experience different Vulnerabilities with different ways to exploit.  
  • New Strategies: Once you get started with the CTF and get familiar with it. You can observe the way your strategies will get improved. The way you look for vulnerabilities, the way you observe the working and behaviour of the application. These strategies will be improved only by practicing. So, CTF is the best platform to give such valuable things. Even these strategies can be used in real time penetration testing. 
  • Improves Practical Knowledge: When we study about some theoretical stuff, maybe we can't understand it in a  detailed manner. But in CTF, While we are solving a challenge actually we'll go through the entire working and behaviour of each and every component. Starting from the code, networking, protocols, firewalls, etc. By playing these CTF, an individual can gain Practical Knowledge which we'll be helpful in career growth.  
  • Improves Confidence in CyberSecurity: When we solve a challenge. we'll get confidence that we can solve any challenge related to a particular concept. Exactly what we can gain here. When we solve some challenges in CTF, we'll get confident that we can conduct penetration testing in real time environments and can  perform even better. So such confidence can be built by Playing CTF's. 
  • Simulated Realistic Environment for Hacking: Basically, as we discussed above. CTF includes real time vulnerabilities which are actually present in the live websites. So, This can also help in BUG Bounty. If you practice your skills and polish them, You can actually participate in Bug Bounty programs to get paid by reporting vulnerabilities. HackerOne provides invitations for private Bug Bounty programs if you solve their CTF challenges and submit the flags.
  • Can help to clear interviews: Even CTF's can help you to get your interviews cleared.After getting familiar with CTF's you'll know how to find a vulnerability, how to exploit it, your own strategy and practical knowledge that you've gained while solving the CTF challenges can help to clear technical interviews in Cyber Security domain.

Career in Cyber Security by playing CTF:

Many companies like Google, TCS, etc.conduct CTF as their Recruitment process. By Solving those CTF's can get you a job in a company which can pay a decent wage. So, without any delay start your Cyber Security career by solving some CTF challenges

Some CTF Platforms For Beginners:

That's it. If you got familiar once. Don't forget to try HackTheBox, root0x0 Sql Injection challenges and XSS challenges. 

Thank you....

Keep Learning And Keep Growing...


  1. It's very nice of you to share your knowledge through posts. I love to read stories about your experiences. They're very useful and interesting. I am excited to read the next posts. I'm so grateful for all that you've done. Keep plugging. Many viewers like me fancy your writing. Thank you for sharing precious information with us. Best hire a hacker to get a password service provider.

  2. This is really a good source of information, I will often follow it to know more information and expand my knowledge, I think everyone should know it, thanks Best Nokia NRS I service provider

  3. Hi there to everyone, the contents present at this web page are actually amazing for people knowledge, well, you can also visit antivirus for windows 7 for more K7 Computing related information and knowledge. Keep up the good work.

  4. Thanks for publishing such great information. You are doing such a great job. This information is very helpful for everyone. Take a look at this it support Houston. Thanks.

  5. I will share it with my other friends as the information is really very useful. Read more info about It Support Houston. Keep sharing your excellent work. c

  6. Thanks to this article, I was able to gain some important knowledge. I think you have good knowledge after reading it. business voip providers usa I appreciate you letting me know. Keep up the excellent work.

  7. The blog you have shared is marvelous about Cyber Security For Business This is exceptionally helpful for us. Gratitude for sharing such a decent blog.

  8. I got some valuable points through this blog. Thank you sharing this blog.
    Sophos antivirus Brisbane

  9. I am grateful to this blog site providing special as well as useful understanding concerning this subject.
    IT Support Brisbane

  10. Its primary purpose is to provide you with permission to make and receive phone calls. Simply said, a global roaming SIM card is a SIM card that may be used across borders. IoT SIM Card

  11. Throughout this post Affordable Cyber Security Services, it provides me with some excellent information. The material you presented during this write-up was very useful. Keep posting.

  12. You have shared a great article learn to hack ethically because it provides a wealth of information that is exceptionally useful to me. Thank you for sharing that. Please continue to write.



Impact Of Bugs - Injections We all know about the OWASP top 10 vulnerabilities. In those 10 categories, there are several types of bugs with...