The word “hacking” must have caught your attention.
What is a CTF?
CTF (Capture The Flag) is an information security competition. It involves solving challenges based on different areas of cybersecurity. CTF’s can help beginners get an idea about the world of cybersecurity and help experts practice their skills. Flags are a string which are generally in the form of flag{*.?} with regex as flag{th1s_15_a_f4k3_fl4g!@#$}
Categories of CTFs :
1) Binary Exploitation
Binary exploitation is the art of triggering vulnerabilities and redirecting code execution to perform functions that are unintended by the developer and hence executing malicious code on the system. Exploitation vulnerabilities are often found in C, C++, asm etc. Various type of binary exploitation methods are:
Buffer overflow, return oriented programming(ROP), heap exploitation, v8 pwn(browser), kernel pwn.
Resources for Binary exploitation:
2) Web exploitation
Web exploitation is the art of exploiting vulnerabilities in the webserver/website to execute remote code or exploit bad configuration in the website. Common vulnerability in this ctf category are: SQL injection(sqli), remote code execution(rce), directory traversal, cross site scripting(xss), server side request forgery(ssrf), cross site request forgery(csrf)
Resources for Web exploitation: