CTF : Mindset Development, Getting Started and Advancing in CTF

Beginner Boost

Hey fellas,

The only thing that let’s you become you winner is “HUNGER”, people call it “Fuel of Success”, or with any other word.

You visited here, to get a guidance for CTF Beginner.You are right place. A right mindset can break down any big problem to smaller, easy conquerable and of course, you will be the winner. So let’s start.

Before starting, make sure you have entered the

1. The first thing is “ENUMERATION”. This is surfing all places of the challenge part, whether its any part or any one part of challenge.
2. The second thing is “Selecting Easiest Part”. In a CTF competition, start with smallest and easiest challenge, to gain maximum points.
3. The third thing is “Collecting Logical Flags” first, then go for “Brute-Forced Flags”, so that on can gain maximum output.
4. And last, “Be Calm”, The more, the better. CTF can be irritating, like Mathematics, but when solved, you get satisfaction. Even today, i get irritated when no flags i get, yet calming oneself, and be persistent keeps you going on in CTF

$$$$$$$$$$$$$$$///So Keep calm , and be Persistent\\\$$$$$$$$$$$$$$$

Intermediate Section :

The Second Thing is “Tools Selection”

There are many Tools that are to be used in CTF. Some of them are listed, and comes in Intermediate CTF Solving.

Depending upon attacks, it has been categorised:

Crypto :

1. Hash Extender : A tool that performs hash length extension attack.
2. FeatherDuster : An automated cryptanalysis tool.

Attacks:

1. Bettercap — Framework for MITM Attacks.
2. Layer2Attack — Attack various protocol on layer 2.

Bruteforcers :

1. Hashcat : Always a handy brute forcer.
2. John The Ripper : Password Cracker.

Exploits :

1. Metaploit : A Framework for exploitation, consisting of different payloads, written exploits.
2. Pwntools : CTF Framework for writing exploits

Forensics :

1. Aircrack-ng : Cracks 802.11 WEP Keys and WPS-PSK KEYS
2. ExifTools: Read write and edit file metadata.
3. NetworkMiner : Network Forensic Analysis Tool.

Reverse Engineer :

1. Barf : Binary Analysis and Reverse Engineering Framework. For me this always works.

Steganography :

1. Exif — Shows EXIF information in JPEG files. For me, that is more than enough.

Web :

1. BurpSuite — A graphical tool to testing website security. More than enough.

1. ZAPProxy — If the above somehow not work, then this can be used.

1. Hackbar — Firefox addon for easy web exploitation. This should be added on the firefox browser less that level 51 update.
2. Wireshark — Analyze the network dumps.
3. Nmap — An open source utility for network discovery and security auditing.
4. Zmap — An open-source network scanner.

The lesser tools used and more mind use, tha faster it is to gain FLAGS. So used Mind more than Tools, but use tools when time has to save,Yes, ofcourse, there is a need for it always to save time.

And one more thing. CTF and hacking are not a day thing. These are skills, and need time for achieving master level. But once mastered, You will be conqueror, Better than PUBG Player, at least you will earn more than them.

(Note : No defamation is being done here ;) .)

So gear up, And start your CTF. More updates will be there. So share, clap if like and gain knowledge, because that feeling is “Beautiful”

Thank you for the read. Share it and,

##########|||||||H@PPY H@cK1NG|||||||||#############