{"id":2236,"date":"2020-02-03T21:11:03","date_gmt":"2020-02-03T15:41:03","guid":{"rendered":"https:\/\/opstree.com\/blog\/\/?p=2236"},"modified":"2025-11-20T17:41:57","modified_gmt":"2025-11-20T12:11:57","slug":"what-why-and-how-of-ctf-challenges","status":"publish","type":"post","link":"https:\/\/opstree.com\/blog\/2020\/02\/03\/what-why-and-how-of-ctf-challenges\/","title":{"rendered":"What, Why and How of CTF Challenges?"},"content":{"rendered":"\r\n\r\n\r\n

What is CTF?<\/strong><\/h2>\r\n\r\n\r\n\r\n

Capture The Flag challenge, better known as CTF, is an Information Security competition that requires contestants to exploit a machine or piece of code to extract specific pieces of text that may be hidden in a web page or a server known as the flag. It can comprise of many challenges across various genres such as Reverse Engineering, Networks and Protocols, Programming, Crypto, Web Security<\/a>, Exploits, etc. All these puzzles have just one goal, capture the flag!\u00a0<\/p>\r\n

<\/p>\r\n\r\n\r\n\r\n

Why should you CTF often?<\/strong><\/h2>\r\n\r\n\r\n\r\n

Why You Should Start Doing CTFs? Capture The Flag (CTF) is a competition in the Information Security field. The main idea is to simulate different kinds of attack concepts with various challenges, which eventually opens your mind to look at things from a different perspective no matter which side of infrastructure you are on. CTFs generally expose you to things You Wouldn\u2019t Learn Otherwise.\u00a0<\/p>\r\n\r\n\r\n\r\n

If you\u2019re a developer it would teach you how to write secure code. If you\u2019re an Ops\/DevOps professional, it would teach you to setup your infrastructure and practices around it in the most secure manner.\u00a0<\/p>\r\n\r\n\r\n\r\n

So, Why shouldn\u2019t you do it? Plus it\u2019s kinda fun too!\u00a0<\/p>\r\n\r\n\r\n\r\n

How should you begin ?<\/strong><\/h2>\r\n\r\n\r\n\r\n

Coming to the most important section of this blog with hope that you are slightly convinced to pick up CTF for once at least. Great!\u00a0<\/p>\r\n\r\n\r\n\r\n

So let\u2019s focus on the how and where part of CTFs now.\u00a0<\/p>\r\n\r\n\r\n\r\n

Firstly, here you can find a list of all the CTFs going around the world, be it offline or online.\u00a0<\/p>\r\n\r\n\r\n\r\n

Here you\u2019ll see that there are mostly two types of CTF organized. Maximum times, it\u2019s the Jeopardy<\/strong> style CTF where you are provided a list of challenges and award points to individuals or<\/strong> teams that complete the challenges; groups with the most points wins.<\/p>\r\n\r\n\r\n\r\n

And sometimes if you\u2019re lucky you\u2019ll find Attack-Defense style CTF where CTFs focus on either attacking<\/strong> an opponent’s servers at the same time defending<\/strong> one’s own. You get points for attacking other teams and points are deducted every time an opponent attacks your system.<\/p>\r\n\r\n\r\n\r\n

A good place to start for various genres are listed below :\u00a0<\/em><\/p>\r\n\r\n\r\n\r\n

\r\n

\u2192 Linux : https:\/\/overthewire.org\/wargames\/leviathan\/<\/a> , https:\/\/overthewire.org\/wargames\/bandit\/<\/a><\/p>\r\n

\u2192 Web : https:\/\/owasp.org\/<\/a> , https:\/\/sourceforge.net\/projects\/owaspbwa\/<\/a> https:\/\/overthewire.org\/wargames\/natas\/<\/a><\/p>\r\n

\u2192 Reverse Engineering : https:\/\/www.root-me.org\/<\/a> ,
https:\/\/crackmes.one\/<\/a> http:\/\/reversing.kr\/challenge.php<\/a><\/p>\r\n

\u2192 Binary Exploitation: https:\/\/ctf101.org\/binary-exploitation\/overview\/<\/a><\/p>\r\n

\u2192 Pwn challenges : http:\/\/pwnable.kr\/ , https:\/\/pwn0.com\/<\/a><\/p>\r\n

\u2192 Cyber Forensics: https:\/\/ctf101.org\/cryptography\/overview\/<\/a><\/p>\r\n<\/blockquote>\r\n\r\n\r\n\r\n

Rest, Always have faith on google to show you the light when it gets dark!\u00a0<\/p>\r\n\r\n\r\n\r\n

Feel free to join this group on Linkedin to learn and share more on Cloud Security and DevOps<\/a><\/p>\r\n

Related Searches – Cloud Engineering Services<\/a> | AWS Partner<\/a><\/strong><\/p>\r\n\r\n\r\n","protected":false},"excerpt":{"rendered":"

What is CTF? Capture The Flag challenge, better known as CTF, is an Information Security competition that requires contestants to exploit a machine or piece of code to extract specific pieces of text that may be hidden in a web page or a server known as the flag. It can comprise of many challenges across … Continue reading “What, Why and How of CTF Challenges?”<\/span><\/a><\/p>\n","protected":false},"author":177921600,"featured_media":29900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[801],"tags":[343865],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/opstree.com\/blog\/wp-content\/uploads\/2025\/11\/DevSecOps-1.jpg","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pfDBOm-A4","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/2236"}],"collection":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/users\/177921600"}],"replies":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/comments?post=2236"}],"version-history":[{"count":14,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/2236\/revisions"}],"predecessor-version":[{"id":29949,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/2236\/revisions\/29949"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media\/29900"}],"wp:attachment":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media?parent=2236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/categories?post=2236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/tags?post=2236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}