Introduction to CTF
CTF
ctf history
The predecessor of CTF was a network technology competition game between traditional hackers, which originated in the fourth DEFCON in 1996.
Problem solving type
The topic types mainly include six categories: Web network attack and defense, RE reverse engineering, Pwn binary vulnerability exploitation, Crypto password attack, Mobile mobile security, and Misc security miscellaneous.
Web-Network Attack and Defense
Mainly introduces the common vulnerabilities in Web security, such as SQL injection, XSS, CSRF, file inclusion, file upload, code audit, PHP weak types, etc. Common question types and problem solving ideas in Web security, and provides some commonly used tool.
Reverse Engineering-Reverse Engineering
It mainly introduces the common problem types, tool platforms, and problem-solving ideas in reverse engineering. The advanced part introduces the common software protection, decompilation, anti-debugging, and shelling technology in reverse engineering.
Pwn-Binary exploit
The Pwn topic mainly examines the discovery and utilization of binary vulnerabilities, and requires a certain understanding of the underlying computer operating system. In the CTF competition, PWN topics mainly appear on the Linux platform.
Crypto-password attack
It mainly includes two parts of classical cryptography and modern cryptography. Classical cryptography is very interesting and has a wide variety of types. Modern cryptography has high security and requires high algorithm understanding.
Mobile-Mobile Security
It mainly introduces the commonly used tools and main problem types in Android reverse engineering. Android reverse engineering often requires a certain amount of Android development knowledge. iOS reverse engineering issues rarely appear in CTF competitions, so I will not introduce too much.
Misc-Safety Miscellaneous
Taking Zhuge Jianwei's translation of "Online Phantom: The Autobiography of the World's Number One Hacker Mitnick" and some typical MISC topics as the entry point, the content mainly includes information collection, coding analysis, forensic analysis, steganalysis, etc.
Taken from CTF-wiki