Intensifying Practical Based Learning of Penetration Testing using CTF

Intensifying Practical Based Learning of Penetration Testing using CTF

연구 분야: Strategies

학회: 2021 3rd International Conference on Advances in Computing, Communication Control and Networking (ICAC3N)

In a world where we cannot imagine even a single day without a computer, we also need to understand that everyday many unauthorized criminals find exploits in those computers and networks and not only cause disruption in services but also cost huge amount of monetary losses and sometimes demand for ransom. To prevent such security risks, we need people who understand these vulnerabilities and flaws in any system, people who can think like attackers. To find these experts many organizations conduct different types of tests, contests, and interviews. These platforms who conduct such contests are called CTF’s (Capture the Flag) where candidates must find the vulnerabilities and flags in a buggy/vulnerable system. There are flags and checkpoints by problem setter which needs to be submitted by the contestant. Conventionally, the shortlisted candidates are then invited for an interview about their procedure and method of finding the vulnerability. This adds an extra step and increases cost due to human engagement. We aim to develop a better CTF platform where various upgrades like more accurate leaderboard with better score calculation formula and ways to reduce and simplify selection procedure by introducing features such as write-ups.