CTF.Live — A New CTF Platform

https://dribbble.com/shots/3868288-Flag

My Challenge in Cyber

What I found most difficult when I first joined cyber was finding a good resource. I found quickly everyone had their ‘preferred’ or ‘go-to’ resources, all in varying formats.

CTF’s, books, webinars, courses… Then the range in topic… Digital Forensics, Malware Analysis, Ethical Hacking, Red/Blue Team etc.

For me, it was mainly finding a good CTF platform to start with, sometimes you had environment issues, tooling issues, connection issues etc.

CTF.Live

So I’ve just come across this CTF platform, and wanted to capture my initial thoughts on it!

Connecting

Super easy, supports access to their VM’s via the web browser which makes training in an enterprise mostly a doddle.

Content

List of challenges ordered by difficulty, grouped by topic.

As you’ll see on the left hand side of the interface, a nice range in topics, some lacking though some flourishing already for a ~1 week old platform.

A good range in difficulty aswell!

It’s quite refreshing to see cloud challenges too. All to often am I faced with cloud articles online about leaky S3’s to leaked keys and insider threats. The landscape is definitely unforgiving compared to traditional on-prem.

Leaky buckets

My Favourite Parts

I’m mostly loving the scenarios, they have a nice theme to them, a bit like HTB with the names which some become quite infamous with their reputation. Some set the scene where you’re a field agent tailing some assassins… but I won’t ruin the story :)

The scenario for a Network based CTF.

You’ve then got the architecture diagrams to set the scene rather than just a monotonous list of your network in a bullet point fashion:

Network diagram

And finally… The scoreboard, although no fresh new comer to CTF’s, it’s good to see some competition incorporated early on!

Conclusion

This is expected to be updated weekly with new challenges, so I hope to see a nicer range at the beginners end and some more rare scenarios at the intermediate/expert levels!

I’d also like to see some more blue team/incident response scenarios, potentially incorporating ELK!

All in all though a solid platform…

--

--

--

Twitter: @mikecybersec

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to remove Cerber Ransomware?

Becoming a better master of my email domain

{UPDATE} BobCat Hack Free Resources Generator

Wallet security letter #3: Crypto wallet scams: Fake apps, texts and Mnemonics

Security & Encryption. AWS Solutions Architect Associate Complete Course

Asymmetric encryption.

Attacking the Golden Ring on AMD Mini-PC

Metasploit: Introduction

BuyFren Airdrop 5,000,000 worth of $FREN token

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
@mikecybersec

@mikecybersec

Twitter: @mikecybersec

More from Medium

OhSINT — TryHackMe Walkthrough

WindowsXP default wallpaper

VulnHub — The Planets: Mercury CTF

BSidesSF 2022 CTF Challenge Write-ups

Proxy: Accessing Network Connection