What Is “Capture The Flag” in Hacking Terms?

Learning how to defend what is yours online is one of the most important things in today’s society. The amount of cyber-attacks plaguing the world is terrifying. It’s no surprise that more individuals are relentlessly trying to further their knowledge on cyber security related tactics via training and conferences.

One of the more popular training techniques is a game dubbed “CTF” or “Capture The Flag”. CTF is a competition between security professionals and/or individuals with a passion to learn more in the cyber security world.

CTF Time defines the three most common types of Capture The Flag:
  • Jeopardy-style CTFs has a couple of questions (tasks) in range of categories. For example, Web, Forensic, Crypto, Binary or something else. Team can gain some points for every solved task. More points for more complicated tasks usually. The next task in chain can be opened only after some team solve previous task. Then the game time is over sum of points shows you a CTF winner. Famous example of such CTF is Defcon CTF quals.
  • Attack-defense CTFs is another interesting kind of competitions. Here every team has own network (or only one host) with vulnerable services. Your team has time for patching your services and developing exploits usually. So, then organizers connects participants of competition and the wargame starts! You should protect own services for defense points and hack opponents for attack points. Historically this is a first type of CTFs, everybody knows about DEF CON CTF – something like a World Cup of all other competitions.
  • Mixed Competition CTFs may vary possible formats. It may be something like wargame with special time for task-based elements (like UCSB iCTF).

While hacking conferences that are constantly being held offer CTF competitions, it is more common to find CTF competitions online. With access to a training platform 24/7, CTF websites are definitely the wave of the future. Everyone with an interest in protecting their online identity and belongings should consider training with CTF.

What have you got to lose? (Besides virtually everything if you don’t learn how to protect yourself.)

Related posts

How to Improve Your Cyber Resilience by Strengthening User Privileges

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience