A general collection of information, tools, and tips regarding CTFs and similar security competitions
Latest commit fb4c6df Mar 3, 2015 @cabreraalex cabreraalex Update README.md
Failed to load latest commit information.
tools Added file write-up May 21, 2014
topics Update README.md Mar 3, 2015
.gitignore Added .gitignore file Apr 2, 2014
LICENSE Initial commit Mar 11, 2014
README.md reorganization Jun 3, 2014


#CTF Resources

This repository aims to be an archive of information, tools, and references regarding CTF competitions.

CTFs, especially for beginners, can be very daunting and almost impossible to approach. With some general overviews of common CTF topics and more in-depth research and explanation in specific technologies both beginners and veterans can learn, contribute, and collaborate to expand their knowledge.

##Quick Start

  1. First time? READ THIS! and then the section below. Once you understand the basics, use the resources in the topics directory to try to solve challenges on websites like OverTheWire or CanYouHack.it.

  2. Beginner? Use the guides found in the topics directory to try to find out what type of challenges you are presented with and participate in some of the CTFs on ctftime.

  3. Intermediate? Navigate straight to the topic you are interested in to find extra online resources to help you solve more complex challenges.

  4. Master? Help improve this repository! Have a new type of vulnerability you want to explain? Write about it and how to use it! Have a new tool people can use? add it to the tools directory!

##What are CTFs?

CTFs are computer security/hacking competitions which generally consist of participants breaking, investigating, reverse engineering and doing anything they can to reach the end goal, a "flag" which is usually found as a string of text.

DEF CON hosts what is the most widely known and first major CTF, occurring annually at the hacking conference in Las Vegas. Many different competitions have branched off since then, and numerous ones are available year round. One of the best places to see when CTFs are being scheduled is CTFTime, an active website with calendars and team rankings.


A very simple type of CTF challenge consists of looking at the source code of websites or programs to find flags and/or hints. For example, can you find the flag hidden on this page?

###Moving On

You may be able to solve some CTF challenges after looking through the documents in this repository and understanding the basics of the technologies and subjects covered, but you won't be very proficient or successful for long. To be an adept CTF competitor you have to be able to combine many different strategies and tools to find the flag. Developing the ability to find flags quickly takes practice more than anything, and participating in numerous CTFs will allow you to expand your understanding and abilities, leading you to success. Spend some time on CTFTime working through CTFs to truly improve and learn.