Gamification and CTFs
What do I mean by “Gamification” and what is a CTF?
Webster’s Dictionary defines Gamification as
the process of adding games or game-like elements to something (such as a task), so as to encourage participation
Capture the flag (CTF) is traditionally an outdoor game where two teams each have a flag (or other marker) and the objective is to capture the other team’s flag, located at the team’s “base,” and bring it safely back to your base.
The biggest thing is they are lots of fun!
Each CTF has its own scenario or strategy from attack/defence, point orientated where different flags get you a certain amount of points, King of the Hill which is similar to attach/defence but rather than “one team defending and one team attacking” everyone is attacking a prebuilt environment.
King of the Hill is the most common CTF type. Some websites offer these types of CTFs and have scoreboards were players are ranked and awarded points based on their progress and the quicker you capture a system the more points you are awarded.
There are also hardware CTFs, these can happen for those into hardware devices, their security mechanisms and can usually extend into lock picking, safes, card readers, electronics and motor vehicles.
In information security, Capture the Flags (CTFs), a type of war-game, is a gamification of computer security. CTFs are usually designed to serve as an educational exercise to give participants experience in finding deficiencies in a machine, system, operating system or application’s security, as well as conducting and reacting to the sort of attacks found in the real world.
I have only recently started to get into CTF type sites like Hack The Box and Try Hack Me. You can see my progress below.
| Site | Badge |
|---|---|
| Try Hack Me | |
| Hack The Box |