Oct. 2: Investigating how to set up a local Capture The Flag environment, for practice. After a bit of digging, I found several pre-packaged VMs to consider:
- The UC Santa Barbara iCTF Competition Framework
- Exploit Exercises
- Stripe CTF 2.0
- An Offline Capture The Flag-Style Virtual Machine for Cybersecurity Education
There’s several lists floating around of CTF events, although most of these aren’t what I’m looking for right now. One in particular that caught my eye was captf.com, since it seems to be pretty much a giant dump of possible sources.I also discovered some CTF-adjacent projects, like OWASP Juice Shop, and even a paid service that seems to host CTF servers. Being a bit of an academic at heart, I was glad to find a couple of papers on the topic of hosting a CTF, and it’s value in education and mentoring.
Oct. 3-8: Only reading for the remainder of the week – it’s been a busy one at work, and at home. 30 minutes every day though!