CAPTURE THE FLAG - CTF Training

A Security wargame

What is CTF?

Capture the Flag is an information security competition that is an amalgamation of various challenges that applies concepts like Reverse engineering, Web Applications, Binary, Network, Cryptography, Forensics, etc. Each challenge holds a certain number of points based on its difficulty level. The idea behind these CTFs is to provide an individual practical knowledge of the different kinds of attacks and issues in the real world. For aspiring white hats, CTF challenges are a good thanks to learning hacking techniques, strengthen your problem-solving skills, and gain critical hands-on practice. CTF competitions deal with the correct level of pressure to stay things interesting while helping you to sharpen your skills. For the pros, CTF competitions facilitate your assess your skill level, challenge yourself among peers, and perhaps even earn some bragging rights.

In computer security Capture the Flag (CTF), “flags” are secrets hidden in purposefully-vulnerable programs or websites. Competitors steal flags either from other competitors (attack/defense-style CTFs) or from the organizers (jeopardy-style challenges).

cybersecurity capture the flag is a team-based competition in which participants use cybersecurity tools and techniques to find hidden clues or “flags”. The team that locates the most flags during the event wins. These events are often entry-level and open to the public.

When a player is in an opposing team’s territory, they can be captured by that team’s players. If they tag the player, the player must perform a task—say, five jumping jacks or three push-ups—before returning to their own territory.

Capture the Flag (CTF) is a special kind of information security competitions. Well, attack-defence is another interesting kind of competitions. Here every team has own network(or only one host) with vulnarable services. Your team has time for patching your services and developing exploits usually.

One of the CTFs that was particularly interesting to me was the Google CTF. One can opt to go for the beginner challenges to see where the skill level really was at – and although it is “mostly” easy, there are still some challenges that can make the competition tough.

CTFs enable you to develop your problem solving and analytical skills to use in real-work scenarios. CTF tasks are usually based on real-world vulnerabilities and security incidents. Nowadays, CTF problems are asked in job interviews to test the skills of professionals.

CTF Training Institute in Bangladesh

hackerSlash being the best CTF Training Institute in Bangladesh will build your knowledge of the tools and techniques used by hackers. As a result, you will learn how malicious hackers use various tools. This certification is highly demanded by top companies as a prerequisite for information security-related job posts. So you should explore to advance your career to the top position in a security. Get ahead in your career with in-depth and intensive training for CTF certification in Bangladesh.

Eligibility Criteria for CTF Course

Prior to opting for this course, the candidate should be aware of advanced ethical hacking techniques, networking services, OWASP top 10, Linux /Windows basic and major commands, the Unix File System, and the working of the Content Management System.

CTF Course Module

  • Introduction to CTF and its importance in cyber world
  • Introduction to Cyber Range
  • Difference between CTF and Cyber Range
  • CTF Course overview
  • Types of CTF challenges platform
  • Famous Channel Of CTF
  • Basics of Linux service
  • Linux foremost commands
  • Linux filesystems
  • Linux Utility
  • Installing & configuration of systems packages
  • Deleting & removing systems
  • package
  • Reading Logs
  • Basics of Windows services &
  • Registry
  • Windows foremost commands
  • Windows filesystems
  • Windows Utility
  • Working of dll, Python & C-programs
  • Installing & configuration of systems packages
  • Deleting & removing systems package
  • Reading event Logs
  • Introduction to toolbox
  • Installing & configuring services
  • Installing & configuring Kali tools
  • Basic to Advanced Pen testing Commands
  • Brute force Attack
  • Hands-on Practice on

I. Nmap

II. Metasploit

III. SQLMAP

IV. Burp Suite

V. Wireshark | TCPDUMP

VI. Nikto

VII. Curl

VIII. Netcat

IX. wpscan

X. John the ripper

  • TCP Connect Scan with Wireshark
  • Network Sweeping with Wireshark
  • SYN Scan with Wireshark
  • UDP Scan with Wireshark
  • FIN Scan with Wireshark
  • Null Scan with Wireshark
  • OS Discovery with Wireshark
  • NSE Scripts with Wireshark
  • Nmap Firewall Scan
  • Overview
  • DNS Enumeration
  • NetBIOS & SMB Enumeration
  • Enum4Linux
  • SMB NSE Scripts
  • MSQL Enumeration
  • MSSQL Enumeration
  • SMTP Enumeration
  • VRFY Script
  • Python Port
  • SNMP Enumeration
  • SNMP MiB
  • SNMP Walk
  • SQL Injection
  • LFI & RFI
  • Remote code | command Execution
  • Authentication Bypass
  • Directory Brute Forcing
  • Nmap
  • Google Hacking
  • Searchploit
  • Exploit DB
  • Nessus
  • Powershell Script
  • SE-Toolkit Usages
  • Exploit With SE-Toolkit
  • Php reverse shell
  • Python reverse shell
  • Perl reverse shell
  • Bash reverse shell
  • Msfvenom shell
  • Adding Exploit in Metasploit framework
  • Manual Exploitation
  • Using Python script
  • Unicorn
  • Buffer Overflow
  • Overview
  • Vulnerable Code
  • Stack Overflow
  • Overview
  • Fuzzing
  • Crash Replication
  • Controlling EIP
  • Introducing Shellcode
  • Bad Characters
  • Redirecting Execution
  • Introducing Mona
  • Shellcode Payload
  • Overview
  • Controlling EIP
  • Locating Space
  • First Stage Shellcode
  • Locating RET
  • Generating Shellcode
  • Getting start with NC
  • Connecting to a Server
  • Fetching HTTP header
  • Chatting
  • Creating a Backdoor
  • Verbose Mode
  • Save Output to Disk
  • Port Scanning
  • TCP Delay Scan
  • UDP Scan
  • Reverse TCP Shell Exploitation
  • Randomize Port
  • File Transfer
  • Reverse Netcat Shell Exploitation
  • Banner grabbing
  • Overview
  • Port Forwarding
  • SSH Tunnels
  • Dynamic Proxies
  • Proxy Chains
  • FTP
  • Python HTTP Server
  • php http server
  • HFS Tool
  • Netcat
  • CURL
  • Wget
  • TFTP
  • Python SMB Server
  • Powershell File Transfer
  • Bitsadmin
  • Jenkins
  • Docker
  • LXC
  • WordPress
  • Drupal | Joomla
  • Writable Script
  • Crontab
  • Kernel
  • Path Variable
  • Automated Script
  • Kernel
  • Bypass UAC
  • Unquoted Path
  • Scheduled Task
  • Automated Scrip
  • Level -1: Easy
  • Level-2: Medium
  • Level-3: Intermediate
  • Level-4: Hard
  • Designing Jeopardy CTF Challenges
  • Designing Attack & defense Challenge

a. CTF Classification

b. Cryptography

c. Steganography

d. Encoding

e. Binary

f. Pwn

g. Web

h. Network

  • Designing Penetration Testingframework (PTF)

CTF Course in Bangladesh

CTF Course in Bangladesh by hackerSlash is the top-rated competitive course. The CTF competitors are highly demanded by organizations to penetrate networks and computer systems for finding and fixing security vulnerabilities. If you are considering working in the cybersecurity industry, then this training will benefit you greatly. CTF course in Bangladesh is provided by cybersecurity professionals who are penetration testers at hackers last. In the CTF course in Bangladesh, you will master objectives including Intrusion Detection, Policy Creation, reconnaissance with Social Engineering and Google, DDoS Attacks, etc.
The categories of CTF include:
RE (reverse engineering):get a binary and reverse engineer it to search outa flag.
Pwn : get a binary and a link to a program running on a foreign server. Cause a buffer overflow, etc. to bypass normal functionality and acquire the program to read the flag to you.
Crypto :crypto means cryptography! Get an encrypted flag and work out a way to decrypt it (includes both classical and modern ciphers)
Web :web-based challenges where you’re redirected to an internet site, and you’ve got to search out and exploit a vulnerability (SQL injection, XSS, etc.)to urge a flag.
Forensics/ Stego :given a PCAP file, image, audio or other file, find a hidden message and find the flag. Other: this can be a small amount of a grab bag. Includes random puzzles, electronics-based things, OSINT, anything that doesn’t fit in to the opposite categories.
CTF 2.0 is the latest edition of our training. which provides the most advanced modules that connect to the real infrastructures in the organizations, and also assist students/professionals to prepare for global certification. This curriculum has been designed in such a manner. that it accommodates both freshers and specialists and provides them with the necessary training w.r.t their skills.

What does an organization expect from a Cyber Security Professional?

Our training module is delicately balanced between practical lab-based training and theoretical content. Organizations expect real-time practical based solutions to the real-world threat of cyber attacks. Focusing on practical training conducted by Bug Bounty hunters and exploit writers.
hackerSlash CTF training Course will surely give you the edge and help you to grab the job. Our ethical hacking training program also focuses on the most important aspect of “Documentation” / “VAPT Reporting”. Cyber security professionals will not only impart you with the latest cyber security training but will also help you to prepare and report critical vulnerabilities to companies as a bug bounty hunter and also helps you in VAPT report writing.
For an organization, a cyber security professional who has technical and as well as reporting/documentation skills will always be the first choice. This reduces the investment of organizations in the newly recruited cyber security professional.

SYSTEM REQUIREMENTS

  • CPU: 64-bit Intel i5/i7 with 4th generation + (2.0 GHz)
  • 8 GB of RAM or higher
  • 300 GB free space
  • Administrator Access
  • Wi-Fi 802.11 capability
  • Windows 10 Pro, Linux or macOS (Latest updated)
  • NOTE: All other software and configuration requirement will be provided and guided.
  • COURSE DURATION

  • 50 Hours (3 Months)
  • The live training is for 50 hours and will be 2 hours a day + 2 Days a week.
  • PRICING

    Training + course material + exam certification
  • 19,000 Taka for Bangladeshi Students
  • $300 US dollars for international Students
  • Need Help?

    If you have any questions about the training or the instructor, or if you want to adjust the contact time, or if you need our help at any point in the registration process you can contact us at hackerslash@icloud.com or call us at +8801538372891

    Are You Ready?