Capture The Flag (CTF) Hacking
A CTF (Capture The Flag) is a competition that takes major disciplines of information security and makes them into smaller, objectively measurable exercises. Participants may attempt to solve challenges by solving, exploiting, or breaking. This CTF event mainly focus on vulnerability assessment and penetration testing skills. Jeopardy, Attack defend and mixed are the types of CTFs. In Jeopardy there are puzzles and we have to solve the puzzle to acquire the toke or the flag. The flag may be hidden inside the text file, folders, or images etc. These challenges may include OWASP Top 10 vulnerabilities, or any other misconfiguration. Attack defend type focuses on either attacking the opposite side or defending the own. The combination of both attack defend and Jeopardy is known as the mixed type of CTF. Further we can categorize CTF as web, forensics, miscellaneous, networking, reversing, pwn/exploit. CTF challenges may cover many viewpoints of cyber security such as reverse engineering, binary analysis, mobile security etc. Computer security students can have benefit from applying security tools and defend vulnerable systems. Working on pre-defined hacking challenges gives common practice on security education. CTF challenges may help us to gain the ability to vulnerability scanning and pen testing.
Catch the Fish (CTF) game has 10 unique levels which needs to be think creative and capture the relevant flag as the key to the next level. Sometimes the Flag will be a password, a Hint or might be a motivational quote. First five levels we counted as easy Levels then from 6 to 8 as Medium Levels and Final two as Hard Level tasks.
User Enters the interface which the levels are available in the web view. For each and every level, we planned to create separate web pages with relevant bounty holes.
To pass a level, user need to submit the previous flag at the beginning. For an example, User need to know enter level 01 flag to enter the level 02.
For the Forensic Level, User has to download the relevant document and crack by a tool which user chooses.
For the shell type Levels, we have planned to give Kali Linux VM image with relevant tools to exploit the relevant programs.
Theme
Here the player who own the fish may win the game. They may windup each level by catching up the fish. In each level the players have to change the fishing tackle. First five levels are known as Shallow End Zone. In the shallow end zone we have planned to create few freely accessible levels with basic fundamentals of information security and forensic. Medium zone changes and challenger deep zone challenges are created with a wide rage of categories in forensic. Medium zone catching and challenger deeper catching are pain options. According to the fishing law rule, players cannot access to the fishing zones as their wish.
Audience
Here our main target is to measure the forensic knowledge of internship candidates in cyber security related organizations. Before entering as an intern an individual has to face a technological exam. Catch The Fish is used to measure the knowledge of each trainer. We have lined up each level from very easy level to difficult level. It is easy to measure up the trainer’s knowledge by looking at the number of levels he/she has completed. This contain 10 levels which are different to each other. Skills you may get by playing this CTF are recognizing formats, encoding, ways of encoding.
Windows 10 64bit OS / Kali Linux
Internet Connection
Basic ethical hacking knowledge
Stegnography / crypto Tools
