CTF Resources

A collection of introductory resources for playing CTFs curated by CSeC

General

  • PicoGym - A set of CTF challenges for beginners into CTFs.
  • PicoPrimer - A primer into CTF-style challenges and the theory required for them. Great place to start for absolute beginners.
  • TrailOfBits - A “CTF Field Guide” comprising challenge walkthroughs, guidance and case studies of adversarial behaviour.
  • CTF101 - An introductory handbook covering the basics of each CTF category.
  • HackTheBox - Interactive cybersecurity platform with diverse challenges for hands-on practice, covering areas like penetration testing, reverse engineering, and cryptography.
  • TryHackMe - Interactive cybersecurity platform featuring beginner-friendly challenges, hands-on labs, and guided learning paths covering various topics such as penetration testing, web exploitation, and network security.
  • Blue Team Academy - A cybersecurity training platform focusing on defensive techniques and strategies, providing courses and resources tailored for individuals interested in becoming proficient in cybersecurity defense, incident response, threat hunting, and security operations center (SOC) operations.
  • Awesome CyberSec - A curated list on GitHub featuring a comprehensive collection of resources, tools, and learning materials covering various aspects of cybersecurity, including penetration testing, digital forensics, threat intelligence, and more. Ideal for individuals seeking to explore and deepen their knowledge in cybersecurity domains.
  • OverTheWire Bandit - A place to practice your linux command linux skills - CTF style.

Cryptography

  • CryptoHack - An excellent set of CTF-style challenges in cryptography.
  • RSA Common Attacks - Common attacks and their implementation on RSA challenges.

Digital Forensics


Reverse Engineering


Binary Exploitation

  • Pwn College - For those with a serious interest in starting from basics and going in depth into binary exploitation.
  • CryptoCat - Basic pwn ideas used in challenges.
  • Nightmare - Covers many ideas in pwn in detail with examples from CTF challenges.

Web Exploitation

  • PortSwigger Labs - Includes plentiful hands-on labs on various web vulnerabilities. Great resource to get started or brush-up on your skills.

Cloud-ish

  • flAWS - A set of tutorials and CTF challenges to teach Amazon Web Services security concepts.
  • flAWS2 - Sequel to flAWS.