FAQ ( Frequently Asked Question )

  • CTF? What is this?

    Capture the Flag (CTF) is a special kind of information security competitions. There are three common types of CTFs: Jeopardy, Attack-Defence and mixed.

    Jeopardy-style CTFs has a couple of questions (tasks) in range of categories. For example, Web, Forensic, Crypto, Binary or something else. Team can gain some points for every solved task. More points for more complicated tasks usually. The next task in chain can be opened only after some team solve previous task. Then the game time is over sum of points shows you a CTF winer.

    Well, attack-defence is another interesting kind of competitions. Here every team has own network(or only one host) with vulnarable services. Your team has time for patching your services and developing exploits usually. So, then organizers connects participants of competition and the wargame starts! You should protect own services for defence points and hack opponents for attack points.

    Mixed competitions may vary possible formats. It may be something like wargame with special time for task-based elements. CTF games often touch on many other aspects of information security: cryptography, stego, binary analysis, reverse engeneering, mobile security and others. Good teams generally have strong skills and experience in all these issues.
    by ctftime.org

  • How to get started with CTF?

    First it should be understood that CTF issues are diverse: cryptography, reverse engineering (reversing), exploit (pwnables), web / networking, forensic, and other topics. So in general we need to learn everything. Many are interconnected, so concentrating on one thing alone will limit the problem that can be solved.
    by rentjong.net Or CTF Field Guide Trailofbits

  • Why CTF ?

    You can read more article made by top teams at ctftime.org which is Plaid Parliament of Pwning Why CTF?

  • What skills should we have?

    The competition will cover different topics from the area of security, e.g. web security and reverse engineering. If you don't have much previous knowledge, web security may be a good field to start. Besides that, specific domain knowledge is obviously helpful: If you happen to know the framework or programming language a service is using, this is of course an advantage – but hard to prepare for. It will certainly be helpful to have a decent understanding of (the administration of) Linux/UNIX systems and networking.

  • Can I play CTF on this site?

    Yes, go ahead solve the problems.

  • I want to contribute problem, how?

    just Email your problem to this email [email protected] with the detail like POC,Point,Category,Level and you should name the email subject "[Propose-Problem] YourProblemName" without a quote.