CTF or Capture the Flag is a traditional competition or war game in any hacker conferences like DEFCON, ROOTCON, HITB and some hackathons. CTF games are usually categorized in the form of Attack and Defend Style, Exploit Development, Packet Capture Analysis, Web Hacking, Digital Puzzles, Cryptography, Stego, Reverse Engineering, Binary Analysis, Mobile Security, etc.
As the author of n00bs CTF Labs, I decided to create a cheat sheet for the tools and resources you may want to use if ever you are planning to participate in a CTF challenge or competition:
CTF Competitions on Hacker Conferences or Gatherings and Wargames
- DEFCON CTF – one of the most prestigious and challenging CTF ever in DEFCON which is currently organized by Legitimate Business Syndicate
- picoCTF – a CTF targeted for middle and high school students
- Ghost in the Shellcode – an annual CTF which is hosted in ShmooCon Hacker Convention
- ROOTCON Campus Tour CTF – is the first ever inter-university CTF challenge in the Philippines which is a open to all college students
- ROOTCON CTF – is the official CTF of ROOTCON Hacker Conference
- CSAW CTF – by NYU Policy
- HSCTF – known to be the first CTF made by high school students and for high school students
- UCSB iCTF – the UCSB International Capture The Flag is organized by Prof. Giovanni Vigna of the Department of Computer Science at UCSB, and is held once a year (usually at the beginning of December, but it has been rescheduled a few times)
- Infosec Institute CTF – our very own CTF Labs
- Smash the Stack – a war gaming network which simulates software vulnerabilities and allows for the legal execution of exploitation techniques
- OverTheWire – another war gaming network
- Embedded Security CTF
- DefCamp CTF – the official CTF of DEFCAMP
- HITCON CTF
- Trend Micro CTF Asia Pacific & Japan – a CTF event hosted by Trend Micro
CTF Guides and Resources
- Trail of Bits CTF Guide – one of the best guides for newbies
- Practice CTF List / Permanent CTF List – a good collection and resource of CTFs that are long-running
- Awesome CTF – a curated list of Capture The Flag (CTF) frameworks, libraries, resources and software
- Vulnhub – vulnerable machines you can practice or for your pentest laboratory
- CTF Resources – a repository and an archive of general topics for CTF and is somehow the same with Trail of Bits CTF Guide
- Reddit’s securityCTF – /r/securityCTF
- Forensics Wiki – a wiki designed for computer forensics