Learn How to Hack, Capture the Flag for Beginners!

Molly Struve (she/her) - Dec 22 '18 - - Dev Community

In light of the Holidays, Security Innovation has decided to open up their CTF platform for FREE until January 2nd!

What is a CTF?

CTF stands for Capture the Flag. A capture the flag contest is a special kind of cybersecurity competition designed to challenge its participants to solve computer security problems by hacking into or defending computer systems.

What is so cool about Security Innovation's CTF?

CMD+CTRL, which is the name of Security Innovation's CTF platform, is GREAT for beginners. They give you a vulnerable website and you have to figure out how to hack into it and find vulnerabilities. This can be intimidating, especially if you have never done one of these before. No need to stress though, CMD+CTRL has you covered! When you login for the first time this is what you will see on your dashboard.

Notice the "HINTS" and "GUIDES" options. If you are new, head to the Guides section.

Here you will find lots of awesome resources to help you get started! The Cheat Sheet is probably the best page to check out first. This section will walk you through some hacks that you might want to try in order to find vulnerabilities. At the bottom of the Cheat Sheet, there is also a list of other tools you can use when you are hacking.

The HINTS section can also be helpful, here you can trade points for hints that will tell you exactly where to find vulnerabilities on the site. Also, according to their website, they will be providing you with videos, tips and blog posts throughout the holidays to help you get ramped up quickly.

I obviously cannot share specifics with you otherwise that would defeat the purpose of the game. But, if you have some free time and want to try your hand at some hacking over the holidays I HIGHLY recommend trying this out! REGISTER HERE

Benefits

Besides just being fun, I found that after I did this CTF I started approaching code a bit differently. Now when I look at a PR or write code, my first thought is, How could I hack this? What if I changed the form input here, would we reject it appropriately? Doing a CTF is a great way to get your feet wet when it comes to thinking and learning about application security.

I do not work for Security Innovation and I have not been encouraged in ANY way by them to write this post. I wrote this simply because of how awesome I think this CTF is for those who have never done one before. I learned a TON from it and I hope others can as well.

Image
Effective Model Version Management in Machine Learning Projects
Image
7 Automation Challenges in Retail Testing To Look Out For Today
Image
Using Polars with NVIDIA GPU (CUDA), on Windows using WSL2
Image
What is a Calendar Calculator?
Image
CSS Display – Controlling the Layout Behavior of Elements
Image
Scaling Node.js Applications: Best Practices, Techniques, and Tools
Image
How to Integrate AWS CodePipeline with GitHub and CodeBuild: Complete Guide for CI/CD
Image
Database Management Systems (DBMS)
Image
JavaScript Frameworks in 2024: React vs. Vue vs. Svelte – Which One to Choose?

webdev, javascript, react, svelte
Image
Unleash the power of JavaScript with Node.js!
Image
Why Bootstrap Users Should Consider Tailwind CSS for Their Next Project ?
Image
How to Preview Rive Files Online
Image
Database Paradigms
Image
This Week In Python
Image
Building a Fake Server for Testing Projects
Image
Checkliste für deine erfolgreiche Website – die wichtigsten Standards im Überblick
Image
Relational Database
Image
Leveraging GraphQL with Next.js for Data Fetching: Supercharge Your Frontend
Image
Django File Structure for Developers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Terabox Video Player