|
| 1 | +--- |
| 2 | +layout: ../layouts/ResourcesLayout.astro |
| 3 | +title: "CTF Resources" |
| 4 | +--- |
| 5 | + |
| 6 | +A collection of introductory resources for playing CTFs curated by CSeC |
| 7 | + |
| 8 | +## General |
| 9 | + |
| 10 | +- [PicoGym](https://play.picoctf.org/practice) - A set of CTF challenges for beginners into CTFs. |
| 11 | +- [PicoPrimer](https://primer.picoctf.com/) - A primer into CTF-style challenges and the theory required for them. Great place to start for absolute beginners. |
| 12 | +- [TrailOfBits](http://trailofbits.github.io/ctf/) - A "CTF Field Guide" comprising challenge walkthroughs, guidance and case studies of adversarial behaviour. |
| 13 | +- [CTF101](https://ctf101.org/) - An introductory handbook covering the basics of each CTF category. |
| 14 | +- [HackTheBox](https://www.hackthebox.com/) - Interactive cybersecurity platform with diverse challenges for hands-on practice, covering areas like penetration testing, reverse engineering, and cryptography. |
| 15 | +- [TryHackMe](https://tryhackme.com/) - Interactive cybersecurity platform featuring beginner-friendly challenges, hands-on labs, and guided learning paths covering various topics such as penetration testing, web exploitation, and network security. |
| 16 | +- [Blue Team Academy](https://app.letsdefend.io/academy/) - A cybersecurity training platform focusing on defensive techniques and strategies. |
| 17 | +- [Awesome CyberSec](https://github.com/theredditbandit/awesome-cybersec) - A curated list on GitHub featuring a comprehensive collection of resources, tools, and learning materials covering various aspects of cybersecurity. |
| 18 | +- [OverTheWire Bandit](https://overthewire.org/wargames/bandit/) - A place to practice your Linux command-line skills - CTF style. |
| 19 | + |
| 20 | +## Cryptography |
| 21 | + |
| 22 | +- [CryptoHack](https://cryptohack.org/) - An excellent set of CTF-style challenges in cryptography. |
| 23 | +- [RSA Common Attacks](https://crypto.stanford.edu/~dabo/papers/RSA-survey.pdf) - Common attacks and their implementation on RSA challenges. |
| 24 | + |
| 25 | +## Digital Forensics |
| 26 | + |
| 27 | +- [MemLabs](https://github.com/stuxnet999/MemLab) - One of the best places to get started in Memory Forensics. |
| 28 | +- [Popular Tools Used in Digital Forensics](https://docs.google.com/document/d/1KUy_Sh9d5lo9ozuoW2WPl3z0gOZyM4yGDZBS1S7HhJ8/edit?usp=sharing) - A compilation of tools commonly used in digital forensics. |
| 29 | +- [Awesome Forensics](https://github.com/cugu/awesome-forensics) - An extensive list of various forensics tools and resources. |
| 30 | + |
| 31 | +## Reverse Engineering |
| 32 | + |
| 33 | +- [The Flare-On Challenge](http://flare-on.com/) - Though it is a single-player annual CTF, it contains a repository of prior years’ challenges. |
| 34 | +- [Reverse Engineering Challenges](https://challenges.re/) - A set of reverse engineering challenges contrived by Dennis Yurichev. |
| 35 | + |
| 36 | +## Binary Exploitation |
| 37 | + |
| 38 | +- [Pwn College](https://pwn.college/) - For those with a serious interest in starting from basics and going in-depth into binary exploitation. |
| 39 | +- [CryptoCat](https://youtube.com/playlist?list=PLHUKi1UlEgOIc07Rfk2Jgb5fZbxDPec94&feature=shared) - Basic pwn ideas used in challenges. |
| 40 | +- [Nightmare](https://guyinatuxedo.github.io/) - Covers many ideas in pwn in detail with examples from CTF challenges. |
| 41 | + |
| 42 | +## Web Exploitation |
| 43 | + |
| 44 | +- [PortSwigger Labs](https://portswigger.net/web-security/all-labs) - Includes plentiful hands-on labs on various web vulnerabilities. Great resource to get started or brush-up on your skills. |
| 45 | + |
| 46 | +## Cloud-ish |
| 47 | + |
| 48 | +- [flAWS](http://flaws.cloud/) - A set of tutorials and CTF challenges to teach Amazon Web Services security concepts. |
| 49 | +- [flAWS2](http://flaws2.cloud/) - Sequel to flAWS. |
0 commit comments