What is a CTF?
CTF (Capture The Flag) is a kind of information security competition that challenges contestants to solve a variety of tasks ranging from a scavenger hunt on wikipedia to basic programming exercises, to hacking your way into a server to steal data. In these challenges, the contestant is usually asked to find a specific piece of text that may be hidden on the server or behind a webpage. This goal is called the flag, hence the name!
Like many competitions, the skill level for CTFs varies between the events. Some are targeted towards professionals with experience operating on cyber security teams. These typically offer a large cash reward and can be held at a specific physical location. Other events target the high school and college student range, sometimes offering monetary support for education to those that place highly in the competition!
What it CTF-Helper?
Jeopardy style CTFs challenges are typically divided into categories.
- Cryptography : Typically involves decrypting or encrypting a piece of data
- Steganography : Tasked with finding information hidden in files or images
- Binary : Reverse engineering or exploiting a binary file
- Web : Exploiting web pages to find the flag
- Pwn : Exploiting a server to find the flag
Different CTFs require different set of tools to be solved. It can be difficult to set-up and install every tool manually. CTF Helper is curated collection of tools for security research, CTFs, and fun. An open source CTF-DB , which stores various Techniques of solving a particular genre of CTF.
CTFs are a great way of starting one's Ethical Hacking journey and this CTF Helper will surely help any Hacking enthusiast be better than the others.
How we built it
- This CTF Helper is a cross-platform utility.
- We made two different versions: One for Windows users and one for Linux users.
- The windows version has been written in Python while the Linux version is a Shell Script (bash).
- We curated a list of various tools that are used in solving CTFs / Ethical Hacking / Penetration Testing / etc. and created a script that will allow you to manage these tools easily.
- Random ASCII dope art Everytime its opened
- A database to maintain VCS and script dependency auto-repaired
- Own terminal with Sudo Priviliges
- Installer And Executer of various well or not so well known CTF scripts e.g StegoHelper,etc.
Challenges we ran into
- Curating the tools list was a tiring job.
- Had to figure out a way of making it cross-platform
- Some tools aren't always compatible with both Windows and Linux.
- Had to use wget and choco.exe
Accomplishments that we're proud of
We created 2 different versions in such a short period of time, since this was our first ever Hackathon, we enjoyed a lot!
What we learned
We got to know about different type of CTF problems, the tools that are commonly used. We got out first hand-on experience with Shell Scripting (Bash)
What's next for Capture The Flag!
- We'll add more tools to the script and more categories.