I am a beginner at ctf i have good foundation in kali and ubuntu linux i want to know how can i start in ctf like give me the road map what should i watch them where should i go like should i watch certain video about linux and python and then go to pico ctf or hack the box i please if someone can help me to start bec i lost .
Hey everyone,
As a developer and cybersecurity enthusiast, I always found myself constantly switching between different online tools to decode Base64, Morse code, Binary, or Hexadecimal during CTFs or web development tasks.
To solve this, I decided to build my own fully responsive web utility called **CDS Encryption**.
Key Features:
- Multi-cipher support (Base64, Morse, Binary, ASCII, Hex, Caesar, Atbash, etc.).
- Auto-detect feature to instantly guess the cipher type.
- Built-in live analytics (tracks your session operations and success rate).
- Full dynamic multilingual support (English, French, Arabic) with native LTR/RTL layout shifting.
- Sleek Cyberpunk Dark Mode because... why not? Dark mode rules.
It’s completely free, client-side, and secure. I’d love to hear your feedback on the UI, functionality, or any ciphers you think I should add next!
*** Note: I will leave the live website URL and source link in the first comment below to avoid spam filters. ***
In the challenge we get a really big ASCII txt file and inside of it it has a lot of characters (LRUDT) repeating, I think it’s a turtle generator as it is in under scripting category, so I ran it and got like a really big right angle triangle with things like QR code, the only suspicious thing was a square at the bottom right.
PLEASE HELP!!!
Öncelikle bu konunun bir reklam olmadığını, sadece liseli gençler olarak düzenlediğimiz bu etkinliğin daha fazla kişiye duyurulması amacıyla paylaşıldığını belirtmek isterim.
Kısaca: Biz 4 kişi HASBL CTF adında Jeopardy formatında olacak bir CTF düzenliyoruz, katılım linki en aşağıda mevcuttur.
Peki CTF nedir? CTF yani; Capture The Flag (Bayrağı Yakala), siber güvenlik alanında farklı kategorilerdeki becerilerimizi test etmek ve geliştirmek amacı güden bir yarışma formatıdır. Amacımız kategoriye göre verilen sorudaki açığı bularak cevaba (flag'e) erişmektir:
Kendimizden bahsetmem gerekirse biz sosyal bilimler lisesinde 11. sınıf öğrencisi olan 4 kişiyiz ve birçok CTF'e katıldıktan sonra; "Neden soru yazmayı da denemiyoruz?" dedik ve kendi CTF yarışmamızı yapmak istedik. Elimizden gelenin en iyisini yaparak bir şeyler yaptık işte...
Etkinlik detaylarına geçmek gerekirse:
Kategorilerin tanımını yaparken ben bile kötü bir şey yapıyormuş hissiyatına kapıldım ama emin olun öyle bir şey yapmıyoruz kesinlikle
Şimdiden ilgi gösteren herkese ve CuteTopia Sub'ına bu konuyu açamama izin verdiği için teşekkür ederim.
Hey everyone,
I’m looking to join an existing CTF team or partner up with a few people to tackle upcoming competitions together.
About me:
Level: Beginner, but highly motivated to learn and grind.
Practice: Regularly active on TryHackMe and other gamified platforms.
Background: I know the basics and hold a few foundational cyber certifications.
Whether you’re an established team willing to take on a fresh mind, or other beginners looking to group up and figure things out together, I'd love to connect.
Hit me up or drop a comment if you have a spot or want to team up!
hi guys,
so i got super tired of RsaCtfTool timing out during ctfs because of single-threaded python arithmetic. spent the last couple of weeks rewriting the attack suite in rust.
im using the rug crate for gmp bindings so the math backend is pretty much identical, but i hooked it up with rayon. basically it runs all single-key attacks in parallel on all cores and aborts the remaining threads the moment one thread finds p and q or gets the private key.
tested it on some fixtures, got around 50x speedup on average compared to python, and zero timeouts on vectors where python just died.
its completely offline-first right now. about 50 attacks are fully runnable out of 59 (the rest are just compatibility stubs for now until i implement them, z3 solver is a pain in rust).
the code is here: https://github.com/abdullaabdullazade/RsaRustTool
crates.io: https://crates.io/crates/rsa-rust-tool
lmk if you find any bugs or if my manual der parsing breaks on your public keys. open to prs if anyone wants to optimize the math modules.
I’m looking for a competitive CTF team to improve my skills and grow further in cybersecurity. I can play in many categories and different types of CTFs such as Jeopardy and Attack/Defense. I already have experience in regional and national competitions in my country.
If there’s already an established team with a good track record looking for one more player, I’m available.
Hey it's been around 2 months in the cybersecurity field, I got the know about Team CTF'S i want a team for it and or want to be in a team, I already know the basics and currently learning from THM.
Hi so back in feb me and my boys stared working on this platform we call it an ai native threat application platform where lets say there is a vulnerability that comes in like lets say dirty pipe now with our platform you will be able to replicate it in sandbox environment and run all your security tools on it and check weather your tools detect the vulnerability or not or else you want to hunt for bugs in bug bounty you can replicate the newly unpatched vulnerability test it understand it and then try to find it in prod and other there are so much of usecases there are usecases in ctfs enterprises and universities
But we are not sure if there is such a market for it we have developed our mvp but now we are stuck in this stage to know weather it is a product marketfit or not and want you guy opinion on it.
We just want to check if there is a market for something we are building or we are just wasting our timing try to ship something that is not needed
Like in all the CTFs I have participated, and any challenge I do on picoCTF, I generally just ask any AI agent, and then do as it says. But, I have not improved much. What are you tips, and what should I do?
I started with doing some tryhackme challenges, but I can't solve much due to lack of knowledge.
Better than I expected, V4 Flash managed to keep track of the machine, reason through failed paths, build the kill chain and step after step obtained root access and both the flags.
I’m not claiming it is Deepseek Mythos ahahah but it's a pretty solid result in my opinion (no writeup search, i've seen the entire run and saved it, not even training data cause it's a recent room).
Bonus points: never refuse to perform cyber tasks, not only with CTF, i did OSINT/Bug Bounty too.
Just released detailed writeup on Overwatch machine from r/hackthebox on my Medium blog.
Great Active Directory machine! We'll exploit ADIDNS and command injection vulnerability and learn a lot about AD environments.
https://medium.com/@ivandano77/overwatch-writeup-hackthebox-medium-machine-aaaa56233a60
I do not intend to self-promote, I just want real feedback from people who would likely be interested in such a project. It is very early into production and I am just one person so understand it is in no shape in final condition.
last challenge have been solved in less that one day, so this time i tried to make it a little more difficult.
i think that last time i was not very clear, my intent is to create a competition to see how is the first to get the flag. the first to do so can submit the name and a message that would be showed to everybody in the history of the games.
the games would still remain live even if someone alredy solved it if you want to still try it.
have fun, didaca3301
So basically back in march we started working on this startup idea where people can just vibe code capture the flag challanges for themselves and can solve them they can also give url of any poc or cve that is available does not matter how much recent it is like you can post a poc of a vulnerability that was published just an hour ago and you can just vibe code that vulnerability for pentesting and learning purposing it is a great tool for bug hunters, cybersecurity students and learner but i really am stuck on how should i get my first 5-10 user need an advise on how can we do it
Drop a CVE link or describe any vulnerability here even if it published yesterday. I'll generate a custom CTF lab around it with a full walkthrough so you can practice it hands-on. Every machine is unique, actually hackable, and ready to go. No waiting, no setup. Just paste and practice.