Do you know everything about CTF?
Preface
The CTF competition is an important way to quickly improve practical network security skills and has become a common method for selecting network security talents in various industries. However, during the process of CTF training, the author of this book found several outstanding problems:
- 1. There is a serious "last mile" problem in offline CTF competition training, and the level of offline training instructors varies.
- 2. The cyberspace security disciplines and majors in domestic universities and vocational colleges lack practical and systematic teaching materials and supporting experimental courses. For example, Base64 encoding is a necessary basic knowledge in the network security industry, but the school's teaching materials do not cover this knowledge point, and there are no special experimental courses to explain this knowledge.
- 3. Most CTF competition books are not friendly enough to newcomers who want to learn cyberspace security technologies. Many beginners cannot find a quick and effective learning method.
CTF things
In order to solve the above problems, help zero-based learners quickly master basic skills, attract more people to pay attention to the learning of cyberspace security skills, and promote the development of CTF competitions, this book innovatively proposes new /span>, even novices with no basic knowledge of cyberspace security can follow the book The operation independently reproduces the experimental content. CTF knowledge learning framework, and with a large number of practical exercises in each chapter
This book not only teaches the basic knowledge and operational skills related to cyberspace security, but also discusses the nature of CTF competition questions, focusing on the analysis ideas and methods when facing different types of questions. For example, we proposed for the first time "Image Steganography Sanbanaxe" "Reverse True Scripture" and other problem-solving thinking modes, and comprehensively summarized the testing methods for industrial control safety-related knowledge in the CTF competition. Judging from the effects of offline training, these methods are extremely practical.
"Those Things About CTF" popularizes the knowledge of cyberspace security in an easy-to-understand, humorous language in a popular way, thereby improving the public's awareness of cyberspace security, thereby promoting the improvement of the level of the entire industry, and helping our country become a powerful country in cyberspace security. lay a solid foundation.
brief introduction
This book was polished by Professor Li Zhoujun, the instructor of the top CTF team Lancet, and core team members over a period of 4 years. It innovatively proposes a new CTF knowledge learning framework and reflects Professor Li Zhoujun's many years of teaching essence and team leadership experience. The book covers common topics such as PWN, reverse engineering, and Web, and systematically summarizes the inspection methods of industrial control safety in CTF competitions. It not only teaches basic knowledge and operational skills, but also discusses the essence of CTF competition questions, focusing on analyzing ideas and methods when facing different types of questions.
At the same time, the book's arrangement of CTF competition learning is in line with my country's mainstream computer science knowledge system structure. Professor Li Zhoujun combines students' practical experience to provide a textbook-style practical guidance manual for cyber security space enthusiasts.
Readership
-
Readers who want to systematically learn basic network security skills. The original intention of the author of this book is to present the basic knowledge and skills of network security in an easy-to-understand manner. Anyone who is interested in network security can study this book.
-
Technical personnel of government agencies, institutions, state-owned enterprises and other enterprises. For readers in various enterprises who need to participate in CTF competitions, this book can be used as a guide for pre-competition training to help them quickly master network security skills in a short period of time.
-
Students in colleges and vocational schools. For students in colleges and vocational schools, this book can be used as a "quasi-textbook" for them to learn network security knowledge, effectively supplementing the lack of theoretical knowledge and practical skills.
-
Cybersecurity training and competition practitioners. We hope to make this book a basic textbook and important reference book for network security training and promote the further development of CTF competition and training industry.
Experts recommend
Professor Li Zhoujun has long been engaged in research and teaching in the field of network and information security, and has trained a group of high-level network security talents for the country
. At the same time, as a member of the Cyberspace Security First-level Discipline Research and Demonstration Working Group of the Academic Degree Committee of the State Council, he played an important role in the creation and development of this discipline. The Lancet team, guided by Professor Li Zhoujun, has achieved excellent results in CTF competitions such as "Netding Cup", "Qiangwang Cup" and "Pengcheng Cup". This book is created by the Lancet team and creatively proposes a new systematic learning framework for basic network security skills. It is a self-study manual for basic network security skills that is very suitable for "newbies" to get started. At the same time, the book introduces the historical context of network security-related theories and technologies with a rigorous attitude, and is equipped with a large number of practical exercises and offline tool kits. It is both informative, interesting and practical, and will be of great benefit to readers. I think this book is a rare masterpiece for CTF training and teaching practical network security skills, and I highly recommend it.
——方滨兴, academician of the Chinese Academy of Engineering, network and information security expert, convener of the Cyberspace Security Discipline Evaluation Group of the Academic Degrees Committee of the State Council, deputy director of the Cyberspace Security Professional Teaching Steering Committee of the Ministry of Education
Due to the distinct practical nature and confrontational characteristics of network security, CTF has become an important way to learn and practice network security technology, and is also an important means of examining and selecting network security professionals. Among the many network security technology books, and even books specifically introducing CTF, this book edited by Professor Li Zhoujun is unique and reflects the essence of his teaching over the years. The book covers common CTF topics such as PWN, reverse engineering, and Web, as well as professional and practical fields such as industrial control system security. It is not only an important guide for network security students and enthusiasts to learn CTF, but also a rare learning material for network security practitioners.
——段海新, professor at Tsinghua University Network Research Institute, doctoral supervisor, co-founder of Blue Lotus Team, current member of the Cyberspace Security Discipline Evaluation Group of the Academic Degrees Committee of the State Council
Although this book uses CTF as a clue to organize the content, it is also a good introductory learning material for network security. The book explains each technical category from scratch and is equipped with a large number of illustrations that are easy for readers to understand. It can be described as a step-by-step teaching. In addition, in addition to the technical content, this book also tells the history and culture of technological development, which is very worth reading.
——于旸, Tencent outstanding scientist, head of Xuanwu Laboratory
Professor Li Zhoujun and the Lancet team he leads are pioneers in the field of CTF competition training in my country. In the past few years, the Lancet team has won awards in almost all top domestic competitions under the guidance of Teacher Li. This book is anchored by Mr. Li's solid theory and teaching practice, combined with practical experience in guiding students. It provides a textbook-style practical guidance manual for all cyberspace security enthusiasts, and also provides a guide for teaching by organizing CTF teams. The teachers provided a reference lesson plan with clear paths and rich connotations.
——蔡晶晶, Chairman of Beijing Yongxin Zhicheng Technology Co., Ltd., professor-level senior engineer, selected into the national “Ten Thousand Thousand Persons Plan”, national network security experimental platform project expert, public security Department of Cyber Security Experts
This book comprehensively and systematically introduces the important knowledge points of CTF. Readers can gain extensive and in-depth knowledge in the security field by reading this book. For information security students, this book is both an excellent guide to getting started and a valuable resource for improving your skills and becoming proficient in CTF. For those readers who want to enter the security field and engage in research work, reading this book will also be of great benefit. As my graduate tutor, Professor Li Zhoujun’s professional guidance and careful training have had a profound impact on me and I have benefited a lot.
——龚广, 360 chief security researcher and director of the Digital Security Group Vulnerability Research Institute, researcher-level senior engineer
Benefits of this article
福利介绍:This book will be drawn in the comment area to two friends and given away for free (in order to prevent friends from missing the winning information, please leave a message at the end of the article or on the blog Add blogger Vx to the main homepage)
参与方式:Follow the blogger, like, collect this article, and comment in the comment area "Comment with more than 15 words” (Be sure to like and add favorites, otherwise you will not be able to participate. Each person can comment up to three times!)
截止时间:2023-10-13 20:00:00