You may have seen some Capture the Flag (CTF) writeups on the Hurricane Labs blog recently! If you’re wondering how to get started yourself, this blog post will help you set up a virtual machine (VM) for CTFs.
Just in case you missed the others, I wrote a beginner’s guide that was inspired by the NahamCon 2020 CTF and another post about OSINT challenges experienced during the CSI CTF. My teammate, Collin Simpson, also wrote up a NahamCon CTF series, so make sure you check out parts 1, 2, and 3 of his series.
What are CTFs and how you can get started
CTFs (Capture the Flags) are competitions you can participate in, virtually or in person depending on the CTF, to show off your cybersecurity skills, work through learning-based challenges, and have a little bit of hacking fun. Most of them are red team and based on pentesting skills, but there are some blue team CTFs as well.
If you’re looking to get started with CTFs, the first thing you’ll want to do is create a VM so you have a place to work from that has all the tools you will need. You can use VirtualBox, VMware, Parallels, or any virtualization software. You could also purchase a virtual private server from a hosting provider. Whatever option you choose, you can find instructions online by searching for “Installing Kali Linux on [your VM of choice]”; there are hundreds of articles on how to do so. For VirtualBox, I used these instructions.
Additional tools, websites, and other useful resources
The following is a list of tools I installed and websites I bookmarked based on the past few CTFs I have done.
You can install all the tools in Kali’s repo if you’d like, but you won’t need all of them–it would be a lot to maintain if you did. During the installation, if you are not using the image for virtualization, choose the default recommended install and then install the tools you’ll need for each category:
- Stegsnow: Hides and detects steganography in whitespace
    sudo apt-get install stegsnow
- Stegosuite: Hides and detects steganography in images
    sudo apt-get install stegosuite
- Ghidra (bookmark): Reverse engineering tool
- Sherlock: Search for usernames across multiple websites
    sudo apt-get install sherlock
- Exiftool: See EXIF data in photos
    sudo apt-get install exiftool
- CyberChef (bookmark): This is very useful for CTFs! I don’t have to install so many tools because it does so much, especially if you are trying to convert something from one format to another or decrypt something.
- RSA Step-by-Step (bookmark): This will help with any RSA challenges and it also explains how RSA encryption works. Also, be sure to watch John Hammond’s video on solving RSA challenges, which will deepen your understanding of RSA.
- Pentesting CheatSheet (bookmark): This cheatsheet has common red team Linux commands you can use during CTFs.
- PIP: For installing Python packages
    sudo apt-get install python3-pip python-pip
Check out my Twitch livestream video!
During a Twitch livestream a few weeks ago, I went through the entire process and have edited it down to just the important parts so you can follow along with me at your convenience–closed captioning (CC) available. Also, for those who would prefer a transcript, you can download that file here!