What the heck is a CTF?!

Over the last several weeks I have been working on my technical skills within Springboard and various external sources (i.e. YouTube, Reddit, TryHackMe). And I did my first CTF! Sort of. CTF stands for Capture the Flag and is a computer security competition. You put your skills to the test either individually or as a team to capture “flags” (i.e. a string of numbers hidden in a text file).

So how did I do? Terrible. I competed in a SANS Institute CTF. It started after a day of learning and listening to presentations from Cyber Security experts from around the world. At the end of the day the CTF started. I had 48 hours to complete or try to get as many points as possible. In the end I completed about 30% of the CTF. I felt it was a good start for being so green in the Cyber Security field.

My cat, Cider, Watching the SANS Institute event with me.

While I may not have completed the competition, I did learn where my gaps in my cyber security knowledge exist. Below is what I learned from my first CTF event:

1. I need to better understand how to access and read HTML Source Code. This will be important to better understand, because a bad actor might use this code to steal data or change how a website appears.
2. I need to enhance my Linux/Unix command line skills. While I have experience using Linux with my Plex Media Server, I need a better understanding of the command line to reach one of my professional goals (being proficient in Kali Linux for pen-testing).
3. Research! I am learning that there is a massive amount of data around cyber security and it is impossible to know everything. I need to hone my skills around where to look and what to look for to better understand vulnerabilities, exploits, etc.

Overall, my first CTF competition was enjoyable and it provided me with a wealth of hands-on experience I couldn’t have received from a classroom setting. I will continue to explore outside of the classroom to in order to build my technical skills. Over the next week my goal is to setup a physical lab and be comfortable in a virtual lab setting.

Thanks for reading. Cheers!