Uploaded byUIT
PPTX, PDF407 views

Caputre the flag

Capture the Flag (CTF) is a gamified cybersecurity competition that allows participants to learn penetration testing through hands-on challenges, which include finding vulnerabilities in systems or web applications. There are three types of CTFs: jeopardy, attack and defense, and boot2root, each focusing on different skills and collaborative experiences. Real-life applications of CTFs include pentesting for companies and participating in bug bounty programs on platforms like HackerOne and Bugcrowd.

Embed presentation

Download to read offline
Capture The Flag (CTF)
What is a CTF 2
Capture The Flag Capture the flag is a gamified cybersecurity competition designed to challenge people to solve security problems. It’s a way you learn penetration testing (ethical hacking). 3 How does a CTF look like ? It’s like a puzzle where you will need to find vulnerabilities in web application or in a system (linux/windows). You will “hack” your way in to a server using the vulnerabilities you find.
Types of CTF There are 3 types of CTF which helps you to gain practical skills in solving something , you will not only talk about security but you will do hands on hacking. ◦ Jeopardy ◦ Attack and Defense ◦ Boot2Root 4
Jeopardy Jeopardy style CTF’s involves a bunch of challenges that you need to solve .these challenges are related to web application, reverse engineering (pwn) ,cryptography, steganography and some miscellaneous 5
Attack Defense In this type of CTF you will work as a team , you will be presented with a machine to defend and a machine to attack, you will be finding vulnerabilities in the machine patching them then will attack other team’s machine. 6
Boot2Root In this type you will presented with a machine which we call it a “black box” , you don’t know what’s in their , which type of operating system it is , what is running on that machine , ports , application and so on. 7
Are CTF’s applicable in real life scenarios ? 8
How can we gain real life experience ? ◦ Doing a pentest of enterprise companies , start up companies and etc. ◦ Doing bug bounties on public/private programs like facebook , netflix, snapchat and etc through bug bounty platforms like Hackerone, Bugcrowd and intigriti. 9
Tools used in CTF’s /Bug bounties ◦ Burpsuite ◦ Nmap ◦ Hashcat ◦ Sqlmap ◦ Metasploit ◦ Msfvenom ◦ Gobuster ◦ Ghidra ◦ Custom tools/scripts 10
Where can you find active CTF’s 11
How can you get better at CTF’s ? 12

More Related Content

PPTX
Cyber Security Workshop Presentation.pptx
byYashSomalkar
 
PPTX
Introduction of CTF and CGC
byKir Chou
 
PDF
Capture the flag
byKachkad Narender
 
PPTX
Ethical hacking - Footprinting.pptx
byNargis Parveen
 
PPTX
Buffer overflow attacks
byJoe McCarthy
 
PDF
Penetration Testing Project Game of Thrones CTF: 1
byFlorin D. Tanasache
 
PPTX
Directory Traversal & File Inclusion Attacks
byRaghav Bisht
 
PPT
Port Scanning
byamiable_indian
 
Cyber Security Workshop Presentation.pptx
byYashSomalkar
 
Introduction of CTF and CGC
byKir Chou
 
Capture the flag
byKachkad Narender
 
Ethical hacking - Footprinting.pptx
byNargis Parveen
 
Buffer overflow attacks
byJoe McCarthy
 
Penetration Testing Project Game of Thrones CTF: 1
byFlorin D. Tanasache
 
Directory Traversal & File Inclusion Attacks
byRaghav Bisht
 
Port Scanning
byamiable_indian
 

What's hot

PPTX
A closer look at CTF challenges
byDNIF
 
PPTX
Play,Learn and Hack- CTF Training
byHeba Hamdy Farahat
 
PDF
Capture The Flag
byHuu Tung Nguyen
 
PDF
CTFとは
byHiromu Yakura
 
PPTX
Introduction to penetration testing
byNezar Alazzabi
 
PPTX
System hacking
byCAS
 
PDF
How MITRE ATT&CK helps security operations
bySergey Soldatov
 
PDF
Threat Modelling - It's not just for developers
byMITRE ATT&CK
 
PDF
CTFはとんでもないものを 盗んでいきました。私の時間です…
byHiromu Yakura
 
PDF
A Beginner’s Guide to Capture the flag (CTF) Hacking
byinfosec train
 
PPTX
MITRE ATT&CK framework
byBhushan Gurav
 
PDF
Projects to Impact- Operationalizing Work from the Center
byMITRE ATT&CK
 
PDF
CTF for ビギナーズ バイナリ講習資料
bySECCON Beginners
 
PDF
ATT&CKing the Red/Blue Divide
byMITRE ATT&CK
 
PDF
Client-Side Penetration Testing Presentation
byChris Gates
 
PPTX
Network security protocols.pptx
bySamyLacheheub
 
PPTX
Abusing Microsoft Kerberos - Sorry you guys don't get it
byBenjamin Delpy
 
PPTX
Deep Dive into the Linux Kernel - メモリ管理におけるCompaction機能について
byNTT DATA Technology & Innovation
 
PDF
How to identify and prevent SQL injection
byEguardian Global Services
 
PPTX
Session hijacking
byGayatri Kapse
 
A closer look at CTF challenges
byDNIF
 
Play,Learn and Hack- CTF Training
byHeba Hamdy Farahat
 
Capture The Flag
byHuu Tung Nguyen
 
CTFとは
byHiromu Yakura
 
Introduction to penetration testing
byNezar Alazzabi
 
System hacking
byCAS
 
How MITRE ATT&CK helps security operations
bySergey Soldatov
 
Threat Modelling - It's not just for developers
byMITRE ATT&CK
 
CTFはとんでもないものを 盗んでいきました。私の時間です…
byHiromu Yakura
 
A Beginner’s Guide to Capture the flag (CTF) Hacking
byinfosec train
 
MITRE ATT&CK framework
byBhushan Gurav
 
Projects to Impact- Operationalizing Work from the Center
byMITRE ATT&CK
 
CTF for ビギナーズ バイナリ講習資料
bySECCON Beginners
 
ATT&CKing the Red/Blue Divide
byMITRE ATT&CK
 
Client-Side Penetration Testing Presentation
byChris Gates
 
Network security protocols.pptx
bySamyLacheheub
 
Abusing Microsoft Kerberos - Sorry you guys don't get it
byBenjamin Delpy
 
Deep Dive into the Linux Kernel - メモリ管理におけるCompaction機能について
byNTT DATA Technology & Innovation
 
How to identify and prevent SQL injection
byEguardian Global Services
 
Session hijacking
byGayatri Kapse
 

Similar to Caputre the flag

PDF
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
byCysinfo Cyber Security Community
 
PDF
Flag4 CTF
byijtsrd
 
PPTX
CTF CyberX-Mind4Future[4].pptx
bycifoxo
 
PPTX
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
byEC-Council
 
PDF
Capture the Flag Exercise Using Active Deception Defense
byFidelis Cybersecurity
 
PPTX
Getting ready for a Capture The Flag Hacking Competition
byJoe McCray
 
PPTX
Winter Hacks CTF.pptx
byPRIYATHAMDARISI
 
PDF
Capture The Flag
byOmar Fathy
 
PPTX
Root the Box - An Open Source Platform for CTF Administration
byChristopher Grayson
 
PDF
20240921 - HITCON 社群活動《CTF 轉生-到了業界就拿出真本事》- bruce30262 講師分享
byHacks in Taiwan (HITCON)
 
PDF
CTFs, Bugbounty and your security career
byIbrahim El-Sayed
 
PDF
CyberX_Slides_Melloni.Daniele.pdf
bycifoxo
 
PDF
How to strengthen the ctf web field for beginners(English)
bykazkiti
 
PPTX
Cyber Security Career
byHesham Elzoghby
 
PDF
Why should you consider playing CTF.pdf
byinfosec train
 
PPT
HKUST Computer Science Festival 2013 - Seminar: Computer Science, Hacking and...
byAnthony Lai
 
PDF
It security cft
byMutten
 
PDF
earning by s/doing/h4ck1ng/ - Our experience learning application security th...
byNECST Lab @ Politecnico di Milano
 
PPTX
Emotional Support for "48 hours of failure"
byGDSC UofT Mississauga
 
PDF
Why everybody should do CTF / Wargames?
byMiroslav Stampar
 
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
byCysinfo Cyber Security Community
 
Flag4 CTF
byijtsrd
 
CTF CyberX-Mind4Future[4].pptx
bycifoxo
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
byEC-Council
 
Capture the Flag Exercise Using Active Deception Defense
byFidelis Cybersecurity
 
Getting ready for a Capture The Flag Hacking Competition
byJoe McCray
 
Winter Hacks CTF.pptx
byPRIYATHAMDARISI
 
Capture The Flag
byOmar Fathy
 
Root the Box - An Open Source Platform for CTF Administration
byChristopher Grayson
 
20240921 - HITCON 社群活動《CTF 轉生-到了業界就拿出真本事》- bruce30262 講師分享
byHacks in Taiwan (HITCON)
 
CTFs, Bugbounty and your security career
byIbrahim El-Sayed
 
CyberX_Slides_Melloni.Daniele.pdf
bycifoxo
 
How to strengthen the ctf web field for beginners(English)
bykazkiti
 
Cyber Security Career
byHesham Elzoghby
 
Why should you consider playing CTF.pdf
byinfosec train
 
HKUST Computer Science Festival 2013 - Seminar: Computer Science, Hacking and...
byAnthony Lai
 
It security cft
byMutten
 
earning by s/doing/h4ck1ng/ - Our experience learning application security th...
byNECST Lab @ Politecnico di Milano
 
Emotional Support for "48 hours of failure"
byGDSC UofT Mississauga
 
Why everybody should do CTF / Wargames?
byMiroslav Stampar
 

Recently uploaded

PDF
Booz Allen Velocity Magazine V4 (Fall 2025)
byswastikpaul2017
 
PDF
Accenture Life Trends 2025 Report - Consulting Presentation Example
bymedia887923
 
PDF
Accenture Technology Vision 2025 (AI: A Declaration of Autonomy)
bymedia887923
 
PPTX
2026-01-25 Hebrews 04 (shared slides).pptx
byDale Wells
 
PDF
QuantumBlack AI by McKinsey: The State of AI in 2025
bymedia887923
 
PDF
BCG Executive Perspectives: Future of Marketing with GenAI 2025
bymedia887923
 
PDF
J.P.Morgan Asset Management: Guide to The Markets 2025
byshubham490975
 
PDF
BCG Executive Perspectives Unlocking Impact from Agentic AI in Customer Servi...
bymedia887923
 
PDF
Indonesia Quarterly Pharma Market Update Q2 2024.pdf
byGerrySusanto2
 
PPTX
Bengaluru-TUG_From Story-finding with Dashboards to Storytelling with Data.pptx
byITC Infotech
 
PDF
Goldman Sachs Third Quarter 2025 Earnings Results Presentation
byshubham490975
 
PDF
LEC-1 INTRODUCTION TO CIVICS.pdf civic slide
bywaqarahmd1122mmd
 
PDF
BCG (Centre for Growth):- The Next Act: A Vision for the UK’s Creative Future...
bymedia887923
 
PDF
Goldman Sachs Asset Management Investment Outlook 2026
byshubham490975
 
PDF
EY - Parthenon CEO Outlook Survey (2025)
byswastik121049
 
PPTX
2026-01-18 Hebrews 03 (shared slides).pptx
byDale Wells
 
PDF
EY - Parthenon US Consumer Sentiment Survey 2025
byswastik121049
 
PPTX
Unit - 1 HISTORY IN PHARMACEUTICAL SUBSTANCE, TYPES AND SOURCES OF IMPURITIES
byShyamSudarsan1
 
PDF
Bain Global Healthcare Private Equity Report 2026
bymedia887923
 
DOCX
Best Platforms for Acquiring Aged LinkedIn Accounts Today.docx
bymarketing
 
Booz Allen Velocity Magazine V4 (Fall 2025)
byswastikpaul2017
 
Accenture Life Trends 2025 Report - Consulting Presentation Example
bymedia887923
 
Accenture Technology Vision 2025 (AI: A Declaration of Autonomy)
bymedia887923
 
2026-01-25 Hebrews 04 (shared slides).pptx
byDale Wells
 
QuantumBlack AI by McKinsey: The State of AI in 2025
bymedia887923
 
BCG Executive Perspectives: Future of Marketing with GenAI 2025
bymedia887923
 
J.P.Morgan Asset Management: Guide to The Markets 2025
byshubham490975
 
BCG Executive Perspectives Unlocking Impact from Agentic AI in Customer Servi...
bymedia887923
 
Indonesia Quarterly Pharma Market Update Q2 2024.pdf
byGerrySusanto2
 
Bengaluru-TUG_From Story-finding with Dashboards to Storytelling with Data.pptx
byITC Infotech
 
Goldman Sachs Third Quarter 2025 Earnings Results Presentation
byshubham490975
 
LEC-1 INTRODUCTION TO CIVICS.pdf civic slide
bywaqarahmd1122mmd
 
BCG (Centre for Growth):- The Next Act: A Vision for the UK’s Creative Future...
bymedia887923
 
Goldman Sachs Asset Management Investment Outlook 2026
byshubham490975
 
EY - Parthenon CEO Outlook Survey (2025)
byswastik121049
 
2026-01-18 Hebrews 03 (shared slides).pptx
byDale Wells
 
EY - Parthenon US Consumer Sentiment Survey 2025
byswastik121049
 
Unit - 1 HISTORY IN PHARMACEUTICAL SUBSTANCE, TYPES AND SOURCES OF IMPURITIES
byShyamSudarsan1
 
Bain Global Healthcare Private Equity Report 2026
bymedia887923
 
Best Platforms for Acquiring Aged LinkedIn Accounts Today.docx
bymarketing
 

Caputre the flag

  • 1.
  • 2.
    What is aCTF 2
  • 3.
    Capture The Flag Capturethe flag is a gamified cybersecurity competition designed to challenge people to solve security problems. It’s a way you learn penetration testing (ethical hacking). 3 How does a CTF look like ? It’s like a puzzle where you will need to find vulnerabilities in web application or in a system (linux/windows). You will “hack” your way in to a server using the vulnerabilities you find.
  • 4.
    Types of CTF Thereare 3 types of CTF which helps you to gain practical skills in solving something , you will not only talk about security but you will do hands on hacking. ◦ Jeopardy ◦ Attack and Defense ◦ Boot2Root 4
  • 5.
    Jeopardy Jeopardy style CTF’sinvolves a bunch of challenges that you need to solve .these challenges are related to web application, reverse engineering (pwn) ,cryptography, steganography and some miscellaneous 5
  • 6.
    Attack Defense In thistype of CTF you will work as a team , you will be presented with a machine to defend and a machine to attack, you will be finding vulnerabilities in the machine patching them then will attack other team’s machine. 6
  • 7.
    Boot2Root In this typeyou will presented with a machine which we call it a “black box” , you don’t know what’s in their , which type of operating system it is , what is running on that machine , ports , application and so on. 7
  • 8.
    Are CTF’s applicablein real life scenarios ? 8
  • 9.
    How can wegain real life experience ? ◦ Doing a pentest of enterprise companies , start up companies and etc. ◦ Doing bug bounties on public/private programs like facebook , netflix, snapchat and etc through bug bounty platforms like Hackerone, Bugcrowd and intigriti. 9
  • 10.
    Tools used inCTF’s /Bug bounties ◦ Burpsuite ◦ Nmap ◦ Hashcat ◦ Sqlmap ◦ Metasploit ◦ Msfvenom ◦ Gobuster ◦ Ghidra ◦ Custom tools/scripts 10
  • 11.
    Where can youfind active CTF’s 11
  • 12.
    How can youget better at CTF’s ? 12