Uploaded byUIT
PPTX, PDF407 views

Caputre the flag

Capture the Flag (CTF) is a gamified cybersecurity competition that allows participants to learn penetration testing through hands-on challenges, which include finding vulnerabilities in systems or web applications. There are three types of CTFs: jeopardy, attack and defense, and boot2root, each focusing on different skills and collaborative experiences. Real-life applications of CTFs include pentesting for companies and participating in bug bounty programs on platforms like HackerOne and Bugcrowd.

Embed presentation

Download to read offline
Capture The Flag (CTF)
What is a CTF 2
Capture The Flag Capture the flag is a gamified cybersecurity competition designed to challenge people to solve security problems. It’s a way you learn penetration testing (ethical hacking). 3 How does a CTF look like ? It’s like a puzzle where you will need to find vulnerabilities in web application or in a system (linux/windows). You will “hack” your way in to a server using the vulnerabilities you find.
Types of CTF There are 3 types of CTF which helps you to gain practical skills in solving something , you will not only talk about security but you will do hands on hacking. ◦ Jeopardy ◦ Attack and Defense ◦ Boot2Root 4
Jeopardy Jeopardy style CTF’s involves a bunch of challenges that you need to solve .these challenges are related to web application, reverse engineering (pwn) ,cryptography, steganography and some miscellaneous 5
Attack Defense In this type of CTF you will work as a team , you will be presented with a machine to defend and a machine to attack, you will be finding vulnerabilities in the machine patching them then will attack other team’s machine. 6
Boot2Root In this type you will presented with a machine which we call it a “black box” , you don’t know what’s in their , which type of operating system it is , what is running on that machine , ports , application and so on. 7
Are CTF’s applicable in real life scenarios ? 8
How can we gain real life experience ? ◦ Doing a pentest of enterprise companies , start up companies and etc. ◦ Doing bug bounties on public/private programs like facebook , netflix, snapchat and etc through bug bounty platforms like Hackerone, Bugcrowd and intigriti. 9
Tools used in CTF’s /Bug bounties ◦ Burpsuite ◦ Nmap ◦ Hashcat ◦ Sqlmap ◦ Metasploit ◦ Msfvenom ◦ Gobuster ◦ Ghidra ◦ Custom tools/scripts 10
Where can you find active CTF’s 11
How can you get better at CTF’s ? 12

More Related Content

PPTX
Introduction of CTF and CGC
byKir Chou
 
PDF
Capture the flag
byKachkad Narender
 
PPTX
Cyber Security Workshop Presentation.pptx
byYashSomalkar
 
PDF
Penetration Testing Project Game of Thrones CTF: 1
byFlorin D. Tanasache
 
PPT
Port Scanning
byamiable_indian
 
PPTX
Directory Traversal & File Inclusion Attacks
byRaghav Bisht
 
PPTX
Buffer overflow attacks
byJoe McCarthy
 
PPTX
Ethical hacking - Footprinting.pptx
byNargis Parveen
 
Introduction of CTF and CGC
byKir Chou
 
Capture the flag
byKachkad Narender
 
Cyber Security Workshop Presentation.pptx
byYashSomalkar
 
Penetration Testing Project Game of Thrones CTF: 1
byFlorin D. Tanasache
 
Port Scanning
byamiable_indian
 
Directory Traversal & File Inclusion Attacks
byRaghav Bisht
 
Buffer overflow attacks
byJoe McCarthy
 
Ethical hacking - Footprinting.pptx
byNargis Parveen
 

What's hot

PDF
Capture The Flag
byHuu Tung Nguyen
 
PPTX
Play,Learn and Hack- CTF Training
byHeba Hamdy Farahat
 
PPTX
A closer look at CTF challenges
byDNIF
 
PDF
CTF超入門 (for 第12回セキュリティさくら)
bykikuchan98
 
PDF
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
byCysinfo Cyber Security Community
 
PDF
Cyber security threats for 2017
byRamiro Cid
 
PDF
Cyber Threat Intelligence
byMarlabs
 
PPTX
cyber security
byabithajayavel
 
PPTX
What is Ransomware
byjeetendra mandal
 
PDF
MITRE ATT&CKcon 2018: Helping Your Non-Security Executives Understand ATT&CK ...
byMITRE - ATT&CKcon
 
PDF
CTFとは
byHiromu Yakura
 
PPTX
Hacking
bySharique Masood
 
PPTX
Kali linux
byAadhithyanPandian
 
PPTX
Adversary Emulation using CALDERA
byErik Van Buggenhout
 
PDF
6 strategies to protect yourself from cyber attack
byCPA Australia
 
PPTX
Ransomware
byAkshita Pillai
 
PDF
Ethical Hacking
byJakub Ruzicka
 
PDF
えっ今日はハッキングしてもいいのか?(CTF Web入門)
byotya mura
 
PPTX
Ethical hacking
byInstitute of Information Security (IIS)
 
PDF
Threat Intelligence Workshop
byPriyanka Aash
 
Capture The Flag
byHuu Tung Nguyen
 
Play,Learn and Hack- CTF Training
byHeba Hamdy Farahat
 
A closer look at CTF challenges
byDNIF
 
CTF超入門 (for 第12回セキュリティさくら)
bykikuchan98
 
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
byCysinfo Cyber Security Community
 
Cyber security threats for 2017
byRamiro Cid
 
Cyber Threat Intelligence
byMarlabs
 
cyber security
byabithajayavel
 
What is Ransomware
byjeetendra mandal
 
MITRE ATT&CKcon 2018: Helping Your Non-Security Executives Understand ATT&CK ...
byMITRE - ATT&CKcon
 
CTFとは
byHiromu Yakura
 
Hacking
bySharique Masood
 
Kali linux
byAadhithyanPandian
 
Adversary Emulation using CALDERA
byErik Van Buggenhout
 
6 strategies to protect yourself from cyber attack
byCPA Australia
 
Ransomware
byAkshita Pillai
 
Ethical Hacking
byJakub Ruzicka
 
えっ今日はハッキングしてもいいのか?(CTF Web入門)
byotya mura
 
Ethical hacking
byInstitute of Information Security (IIS)
 
Threat Intelligence Workshop
byPriyanka Aash
 

Similar to Caputre the flag

PDF
CTFs, Bugbounty and your security career
byIbrahim El-Sayed
 
PDF
A Beginner’s Guide to Capture the flag (CTF) Hacking
byinfosec train
 
PPTX
CTF CyberX-Mind4Future[4].pptx
bycifoxo
 
PDF
Capture The Flag
byOmar Fathy
 
PDF
Flag4 CTF
byijtsrd
 
PDF
It security cft
byMutten
 
PPTX
Winter Hacks CTF.pptx
byPRIYATHAMDARISI
 
PDF
earning by s/doing/h4ck1ng/ - Our experience learning application security th...
byNECST Lab @ Politecnico di Milano
 
PPTX
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
byEC-Council
 
PPTX
Getting ready for a Capture The Flag Hacking Competition
byJoe McCray
 
PDF
CyberX_Slides_Melloni.Daniele.pdf
bycifoxo
 
PDF
How to strengthen the ctf web field for beginners(English)
bykazkiti
 
PPTX
Cyber Security Career
byHesham Elzoghby
 
PDF
Why should you consider playing CTF.pdf
byinfosec train
 
PPTX
Emotional Support for "48 hours of failure"
byGDSC UofT Mississauga
 
PDF
20240921 - HITCON 社群活動《CTF 轉生-到了業界就拿出真本事》- bruce30262 講師分享
byHacks in Taiwan (HITCON)
 
PDF
Why everybody should do CTF / Wargames?
byMiroslav Stampar
 
PPT
HKUST Computer Science Festival 2013 - Seminar: Computer Science, Hacking and...
byAnthony Lai
 
PDF
Capture the Flag Exercise Using Active Deception Defense
byFidelis Cybersecurity
 
PPTX
Root the Box - An Open Source Platform for CTF Administration
byChristopher Grayson
 
CTFs, Bugbounty and your security career
byIbrahim El-Sayed
 
A Beginner’s Guide to Capture the flag (CTF) Hacking
byinfosec train
 
CTF CyberX-Mind4Future[4].pptx
bycifoxo
 
Capture The Flag
byOmar Fathy
 
Flag4 CTF
byijtsrd
 
It security cft
byMutten
 
Winter Hacks CTF.pptx
byPRIYATHAMDARISI
 
earning by s/doing/h4ck1ng/ - Our experience learning application security th...
byNECST Lab @ Politecnico di Milano
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
byEC-Council
 
Getting ready for a Capture The Flag Hacking Competition
byJoe McCray
 
CyberX_Slides_Melloni.Daniele.pdf
bycifoxo
 
How to strengthen the ctf web field for beginners(English)
bykazkiti
 
Cyber Security Career
byHesham Elzoghby
 
Why should you consider playing CTF.pdf
byinfosec train
 
Emotional Support for "48 hours of failure"
byGDSC UofT Mississauga
 
20240921 - HITCON 社群活動《CTF 轉生-到了業界就拿出真本事》- bruce30262 講師分享
byHacks in Taiwan (HITCON)
 
Why everybody should do CTF / Wargames?
byMiroslav Stampar
 
HKUST Computer Science Festival 2013 - Seminar: Computer Science, Hacking and...
byAnthony Lai
 
Capture the Flag Exercise Using Active Deception Defense
byFidelis Cybersecurity
 
Root the Box - An Open Source Platform for CTF Administration
byChristopher Grayson
 

Recently uploaded

DOCX
15 Secure Websites to Buy Google Ads Accounts.docx
byDeveloper Digital marketig is pvaisback
 
PDF
LEC-1 INTRODUCTION TO CIVICS.pdf civic slide
bywaqarahmd1122mmd
 
PPTX
How to choose mobile app development company.pptx
byjamesandersonuk40
 
PDF
BCG Executive Perspectives: Future of Marketing with GenAI 2025
bymedia887923
 
DOCX
Best Platforms for Acquiring Aged LinkedIn Accounts Today.docx
bymarketing
 
PDF
Accenture Life Trends 2025 Report - Consulting Presentation Example
bymedia887923
 
PDF
EY - Parthenon US Consumer Sentiment Survey 2025
byswastik121049
 
PDF
Accenture Technology Vision 2025 (AI: A Declaration of Autonomy)
bymedia887923
 
PPTX
2026-01-25 Hebrews 04 (shared slides).pptx
byDale Wells
 
PDF
Booz Allen Velocity Magazine V4 (Fall 2025)
byswastikpaul2017
 
PDF
Bain & Company 2025 Technology - Insights
bymedia887923
 
PPTX
Bob Stewart The Call 01 18 2025.pptx
byFamilyWorshipCenterD
 
PDF
L.E.K. Consulting’s 2025 Office of the CFO Survey: A Study of AI (2025)
byshubham490975
 
PDF
QuantumBlack AI by McKinsey: The State of AI in 2025
bymedia887923
 
PDF
Bain Global Healthcare Private Equity Report 2026
bymedia887923
 
PPTX
2026-01-18 Hebrews 03 (shared slides).pptx
byDale Wells
 
PDF
Goldman Sachs Asset Management Investment Outlook 2026
byshubham490975
 
PDF
McKinsey & Company Technology Trends Outlook (2025)
bymedia887923
 
PDF
Goldman Sachs Third Quarter 2025 Earnings Results Presentation
byshubham490975
 
PDF
BCG Executive Perspectives Unlocking Impact from Agentic AI in Customer Servi...
bymedia887923
 
15 Secure Websites to Buy Google Ads Accounts.docx
byDeveloper Digital marketig is pvaisback
 
LEC-1 INTRODUCTION TO CIVICS.pdf civic slide
bywaqarahmd1122mmd
 
How to choose mobile app development company.pptx
byjamesandersonuk40
 
BCG Executive Perspectives: Future of Marketing with GenAI 2025
bymedia887923
 
Best Platforms for Acquiring Aged LinkedIn Accounts Today.docx
bymarketing
 
Accenture Life Trends 2025 Report - Consulting Presentation Example
bymedia887923
 
EY - Parthenon US Consumer Sentiment Survey 2025
byswastik121049
 
Accenture Technology Vision 2025 (AI: A Declaration of Autonomy)
bymedia887923
 
2026-01-25 Hebrews 04 (shared slides).pptx
byDale Wells
 
Booz Allen Velocity Magazine V4 (Fall 2025)
byswastikpaul2017
 
Bain & Company 2025 Technology - Insights
bymedia887923
 
Bob Stewart The Call 01 18 2025.pptx
byFamilyWorshipCenterD
 
L.E.K. Consulting’s 2025 Office of the CFO Survey: A Study of AI (2025)
byshubham490975
 
QuantumBlack AI by McKinsey: The State of AI in 2025
bymedia887923
 
Bain Global Healthcare Private Equity Report 2026
bymedia887923
 
2026-01-18 Hebrews 03 (shared slides).pptx
byDale Wells
 
Goldman Sachs Asset Management Investment Outlook 2026
byshubham490975
 
McKinsey & Company Technology Trends Outlook (2025)
bymedia887923
 
Goldman Sachs Third Quarter 2025 Earnings Results Presentation
byshubham490975
 
BCG Executive Perspectives Unlocking Impact from Agentic AI in Customer Servi...
bymedia887923
 

Caputre the flag

  • 1.
  • 2.
    What is aCTF 2
  • 3.
    Capture The Flag Capturethe flag is a gamified cybersecurity competition designed to challenge people to solve security problems. It’s a way you learn penetration testing (ethical hacking). 3 How does a CTF look like ? It’s like a puzzle where you will need to find vulnerabilities in web application or in a system (linux/windows). You will “hack” your way in to a server using the vulnerabilities you find.
  • 4.
    Types of CTF Thereare 3 types of CTF which helps you to gain practical skills in solving something , you will not only talk about security but you will do hands on hacking. ◦ Jeopardy ◦ Attack and Defense ◦ Boot2Root 4
  • 5.
    Jeopardy Jeopardy style CTF’sinvolves a bunch of challenges that you need to solve .these challenges are related to web application, reverse engineering (pwn) ,cryptography, steganography and some miscellaneous 5
  • 6.
    Attack Defense In thistype of CTF you will work as a team , you will be presented with a machine to defend and a machine to attack, you will be finding vulnerabilities in the machine patching them then will attack other team’s machine. 6
  • 7.
    Boot2Root In this typeyou will presented with a machine which we call it a “black box” , you don’t know what’s in their , which type of operating system it is , what is running on that machine , ports , application and so on. 7
  • 8.
    Are CTF’s applicablein real life scenarios ? 8
  • 9.
    How can wegain real life experience ? ◦ Doing a pentest of enterprise companies , start up companies and etc. ◦ Doing bug bounties on public/private programs like facebook , netflix, snapchat and etc through bug bounty platforms like Hackerone, Bugcrowd and intigriti. 9
  • 10.
    Tools used inCTF’s /Bug bounties ◦ Burpsuite ◦ Nmap ◦ Hashcat ◦ Sqlmap ◦ Metasploit ◦ Msfvenom ◦ Gobuster ◦ Ghidra ◦ Custom tools/scripts 10
  • 11.
    Where can youfind active CTF’s 11
  • 12.
    How can youget better at CTF’s ? 12