By: Shimon Brathwaite
February 1, 2022
A Guide To CTFs For A Cybersecurity Analyst
Cybersecurity analyst is one of the most common cybersecurity jobs, and analysts fall into two categories: blue team (defensive) and red team (offensive). Blue team analysts work primarily to defend systems by resolving security vulnerabilities, while red team analysts discover security vulnerabilities by attacking computer systems. You can learn a lot about both by reading or studying, but the best way to learn and to prove that you know what you're doing is through practical challenges. This is why capture the flag (CTF) challenges are extremely useful.
What is a CTF Competition?
CTF stands for capture the flag, and it's a type of cybersecurity competition. There are typically two teams: one focuses on attacking (hacking into) a computer system while the other focuses on defending against the attacks. The attacking team's goal is to get into the computer within the given timeframe and obtain the flag, usually a computer file that holds a particular code. Additionally, some competitions require the attackers to get root access to the machine, because this shows that they could get past all of the defenses on that machine.
Why you should do CTF Competitions
The first reason you should do CTF competitions is to facilitate your learning. If you only study or read passively, retaining that information will be more challenging. On average, people keep about 10% of what they read and about 30% of what they see, but retain roughly 90% of what they do (put into practice). Therefore, you should strive to put everything you are learning into practice, and CTFs are a great way to do this, especially for the offensive side of security. (Source: td.org)
Next, it's a great way to demonstrate your skill. Many companies, such as Google or Facebook, tend to recruit professionals who do competitive tournaments. If you enter CTF competitions and outperform your peers, you will be recruited to work for a company. If you get selected, your salary, benefits, and career progression will often be much better than if you just applied for a job.
Lastly, it will make learning more fun and enjoyable because you use what you're learning to accomplish a specific goal. If you enjoy your studying, you are more likely to continue to do it, and therefore you will get better at your craft. It can also be an excellent way to measure your progress because you are constantly overcoming challenges that you couldn't before.
How to get started with CTF Competitions
If you have never done a CTF competition, I suggest that you start with individual computer challenges. In these competitions, rather than playing live team versus team, you try to complete CTF challenges that were set up in advance. You can get started with competitions like these using online resources that are free or cost very little:
Overthewire: This is a great set of challenges for a complete beginner. In these challenges, you will learn a lot about the Linux command line, navigating file systems, encoding, decoding, and many other essential basics for cybersecurity. Overthewire has tons of challenges, and they increase in difficulty, so hopefully, you won't get bored while completing the challenges.
Hackthebox: It's an amazing website for getting hands-on practical hacking experience. On this platform, you will get access to tons of web servers that have been configured with flags for you to try and get. Upon completing these machines, you can upload the key to the website and earn points that will allow you to climb the ranks. It very closely mimics what you will be doing as an attacker during an actual CTF competition. Also, because this platform is so popular, you can look up online tutorials to understand how to complete particular challenges, learn the techniques people use and build your knowledge from the ground up. It's very well known within the community. If you build a strong profile on this website, you can show it to employers and clients and use it as a legitimate work portfolio to demonstrate your skill as a cybersecurity analyst.
Vulnhub: This is an alternative to hackthebox that has pre-configured CTF challenges. In addition to the online servers that you can use to practice your hacking, vulnhub's website also has a lot of helpful community resources that you can use to facilitate your learning. In terms of reputation, vulnhub is also well known within the industry, and it's a great way to start.
Offensive Security Certifications: Offensive Security is an organization that is dedicated to teaching people cybersecurity through red team tactics. Their certifications, particularly the OSCP, are one big CTF competition. You will be on a VPN where you're expected to hack into different machines and then write a report on your findings. It is an attractive way to practice because you get not only the practice but also a professional certification along with it. Be warned: their certifications are tough, but they are also very rewarding. They also have certifications around different elements of offensive security, such as creating custom exploits or evading detection while hacking into a computer, and free community courses like Metasploit Unleashed that are very useful and don't require any monetary investment.
Once you are comfortable doing CTF challenges yourself, you can look for live competitions in your area and begin competing against other people on the same learning journey as you.
CTFs are cybersecurity competitions with an attacking team and a defending team, where the attacking team's goal is to hack into the system and retrieve the machine's flag. Several online resources allow you to practice in a CTF environment, and you can use these to hone your skills. Once you are competent in completing the solo challenges, you can move to live team versus team CTF competitions. These will be more challenging, allowing you to grow, and will bring you in front of prospective employers looking for cybersecurity talent.