Monday, 5 July 2021

CTF's What are they and Why should you care ?

Capture The Flag events aka CTFs

Capture the flag competitions are an excellent way to get started with hacking. Ctfs are organized by various groups or sometimes organizations or by individuals also.Keep reading till the end to know all about these ctfs.



What Are They...

they are competitions that are held online and sometimes even at a physical place where the participants are given a task like gaining access to a server or maybe cracking a secret code or finding bugs in a web application and exploiting them and others.... you can either participate as an individual or with a group if you have one or maybe create one...after solving every task you would receive a flag (can be any random string like this one : 5czgV9L3Xx8JPOyRbXh6lQbmIOWvPT6Z) which you would can then submit and get points. The person or group with maximum points is the winner.


Why CTFs ?

ctfs are a very effective way to learn hacking skills faster while also gaining experience exponentially at the beginning ..they are a perfect demonstration of gamified learning, you get to learn valuable skills while playing a game.There are many beginner level CTFs out there which can help you get started with almost no pre-reqs and least resistance.


Where would i find CTFs ? 

So you are all pumped up and determined to embark on your journey of becoming an hacker and want to know where to go from here.....well before jumping ahead feel free to read this post regarding hacking...before diving straight into CTFs it would be better if you get yourself comfortable with linux (to learn more about linux checkout this ) since you would need to use it as most of the tools that you would be using are available in linux based operating systems and might be command line based.... so learn linux and start using it and get comfortable with command line as that would be where would spend most of your time. After getting your hands on linux i would suggest you to go to this site Overthewire.org, it has plenty of wargames(hacking challenges just like ctfs) ranging from beginner to advanced level... their bandit wargame is intended to teach the basics of linux which would help you in hacking complex stuff later on....

After you have completed the bandit wargame you are now more or less ready to dive into the other stuff.... so you can now maybe tryout the other wargames like leviathan(what you,d learn: advanced linux usage) and narnia (teaches binary exploitation) ....or maybe have a look at ctftime.org there you'd find all upcoming ctfs listed and you can from there participate in any ctf which you like ( my 2 penny advice would be to participate in the ctfs with a lower "rating weight" from 0-50 as they are generally easier and more beginner friendly thus you wont be frustrated if you cant solve a challenge )

Or you can have a look at this site tryhackme.com which is an absolutely great site to get started in hacking the site is so well laidout i cant say enough... so just go and have a look at it....

That would be enough for you to get started and once you get in almost half of the work is done and after that you would be able to proceed yourself.... checkout my other post on getting started in cybersecurity and hacking to get some useful resources.


checkout liveoverflows video on ctfs https://youtu.be/Lus7aNf2xDg 

 

if you liked the post please do share it with people and mention in the comments section any topic that you would like me to share on this blog


Thank You ;


 










Sunday, 4 July 2021

Get into Cybersecurity and hacking

 

welcome-to-cybersecurity

This is an guide for people aspiring to enter the world of cybersecurity

#so lets get into the topic without further ado;

I am sharing the experience that i have gathered till now. There is no reason to think this is the only way to get started.


And there are numerous pre requisites to start hacking.But truthfully speaking you dont need any of them to get started,..just play ctfs and checkout some wargames and keep learning.

 

  1. First of all you will require a strong understanding of the linux operating system. 

    Why this is recommended is because using linux will give you strong understanding of your system and what happens under the hood of your operating system. Now if you avoid the linux terminal and stick to gui you will probably not learn much from there.You have to be a tinkerer, the golden rule or the thumb rule is TINKER==>BREAK==>TROUBLESHOOT/FIX==>LEARN.This is how you will get a grip of your system. Now many of you must have heard about kali linux (if not then no problem). It is a linux distro developed by Offensive Security.It is regarded as one of the most famous hacking distros(and it is).But learning linux from kali then you would probably be in a problem.It is not regarded as a beginner friendly distro, and moreover it does not include general purpose software that a user needs daily, it is packed up with hundreds of pen-testing tools. So if you are new to linux then i would personally recommend you to get started with a more friendly linux distro like ubuntu or linux mint, etc.

    to know more about linux and get started checkout my other post regarding linux 

  2. Secondly learn some networking 

    Again networking is an important part of cybersecurity.The OSI model, firewall, VPN, ssh and others are some common names that might frequently spring up.

    "you can skip networking in the beginning and learn the things as they come up gradually"

  3. Third is programming 

    Yeah now many people have confusions Do they need to learn programming ? Where from they should start programming? What languages should they learn? to answer these, um programming is going to comeup sooner or later in hacking. So programming would really be a useful skill not just in cybersec but even in other domains.So consider learning a programming language like python which has extensive usage in hacking and also is very easy to get started with.. just find out free tutorials on the internet at sites like w3schools.com, geeksforgeeks.org, etc....or checkout some free tutorials on youtube.

  4. Fourth and the most important one...

    The most important thing is patience... you would not become an expert in this field overnight.You would have to be patient throughout the journey because there would be times when you might feel disappointed and think that you have learnt nothing, but believe me it happens to everyone out there, just keep calm and look up solutions on the internet.

     

     

    note :  

     hacking is misrepresented in hollywood movies... so dont think that what you would be doing is sitting in front of a black screen and green letters flowing everywhere on your screen... for most of the part.. hacking is basically coding and finding errors and bugs in a program or a network and then exploiting them and that might sound boring but it actually becomes fun slowly....and forget about hijacking your friends social media account its just another myth...you wont be doing any such things ...nobody does 😆



    But Where or better How should i get started....

    glad that you asked.......

    The best place to get started would be in my opinion OverTheWire.org ...its a great site with wargames ranging from beginner to advanced level. The bandit wargame is all about learning linux and it is a great place to start so just head towards the site ..but before you go... i would recommend you to atleast get a bit familiar with the linux OS and the terminal ( checkout this ).Then you can smoothly carry on your journey. 

    Afterthat you can have a look at Ctftime.org there you would find all upcoming ctf events (capture the flag events are hacking challenges that take place online).

 Tip : create a discord account that would help you with the ctfs ...you can also get in touch with other people who are into hacking and get tips and maybe create a group or join a pre-existing group.

 

RESOURCES THAT WOULD HELP YOU: 

youtube channels :

wargames and ctfs and others :

 

checkout my GitHub account to get some good resources like books and cheatsheets and other stuff that might be helpful to you ;-)


thanking you,,

CTF's What are they and Why should you care ?

Capture The Flag events aka CTFs Capture the flag competitions are an excellent way to get started with hacking. Ctfs are organized by vario...