Capture The Flag CTF365 is a realistic cyberwar game built for hackers, system administrators, security specialists, programmers and anyone with an interest in computer security
After signing up for the game you will be named a Combatant and asked to join the country you wish to fight for, each country can have many teams comprised of in between a minimum of five hackers and no more than ten. Teams can ally with each other to defend and attack a Fortress, members of the hacking team will have to safeguard their server while being on the offensive, when a user breaches another team Fortress the points go to the whole team. There will be a Hall of Fame with prizes for the most skilled hackers.
In this Capture The Flag contest the team’s server will run all major Internet services like SMTP, IMAP, FTP, one Content Management System with plugins for social media, embedded video and others, two different Internet browsers, three web applications and two different databases, part of your job will be to secure all of them.
Hacking game Capture The Flag CTF365
The game first campaign will mimic a National Agency network where you can play offensive security attacking their servers, as part of the attack strategy, you can DDoS another players virtual servers if you wish so, just like in real life. There is a CTF365 IRC server accessible from within the game, you can use it to find other players and start building your team or join others. There are only two rules, one, do not use the infrastructure to carry out real hacking attacks against non players, and rule two is do not launch a distributed denial of service against the game servers, if you break any of those rules your account might be terminated.
Capture The Flag is a superb way to get real hands on experience for penetration testers and sys admins defending their network, anyone with interest in computer security will benefit of this game emulating real life hacking scenarios, the aim is to have hundreds of targets in virtual machines that can be attacked at any time and for Capture The Flag to last a full year, there are future plans to offer Infosec companies the possibility to set up their own CTF contest to train students.
There are two kind of hackers, malicious hackers who crack email accounts, distribute viruses, cause destruction and steal money from others, known as crackers or black hat hackers, and ethical hackers who tweak hardware and software to create things that nobody ever thought about, hackers are also programmers and security penetration testers whose job is to find a vulnerability, software bug or technical error before the bad guys do, warning the company/community, aka white hat hackers, this post is about how to become an ethical hacker.
To become a computer hacker requires intelligence, dedication and tenacity, problem solving abilities are a must have and above all you must like computer tinkering since you will spend lots of time working with them. Even thought most desktop computers run on Windows, most servers run some kind of Unix variant, i.e. Linux, FreeBSD, Solaris.
Knowing only Windows will get you nowhere, the first step you should do to become a hacker is to get used to a Unix based operating system where you get to see that not all is a point and click mouse and you can play with a program’s source code, unlike Windows or MAC, source code in Unix is free to modify and distribute, aka open source.
GRML Linux hackers distribution
Linux distributions for hackers:
GRML: A Debian based Linux distribution specially designed for system administrators and text tool users, capable of analyzing systems/networks, to be used as a rescue system or as a main desktop.
Kali Linux: Distribution intended for security professionals, with tools for hacking wireless access points, exploiting web servers and learning, an indispensable security penetration testing tool.
Tip: If you are a Linux beginner download something easier like Knoppix, if you do not want to install it in your computer it can be run as a live CD/DVD or USB thumbdrive, and do not forget that BSD distributions like OpenBSD are also appropriate for hackers.
Programming languages a hacker should learn
Python is a well designed and documented programming language ideal for beginners due to its power and friendliness, C is a +40 years old general purpose programming language still in use, C++ is related to C and knowing one of the languages will make learning the other easy, Perl is a Unix scripting language often used in network administration, you will need to know Perl in order to understand other people scripts rather than writing it yourself, LISP (LISt Processing) is an ancient programming language closely connected with artificial intelligence projects, reverse engineering and being able to disassemble software is a must have skill for software hackers, if you come across a trojan you will want to know how it works and what it does.
Python: Flexible intuitive programming language with clear and readable syntax, it uses standard libraries and third party modules.
Perl: Feature rich programming language that can be embedded into webservers and databases, also used in e-commerce.
Learn the English language
English is the main communication language in between people of different countries wherever you go, the ability to communicate verbally and in writing in English is an essential skill, if you have a different mother tongue, once you have mastered the English language you will be able to translate documentation and will be in a better position than monolingual people. English speaking people must also take care not to misspell or make grammatical errors as that makes you look illiterate, impressions count, nobody is going to hire someone who appears to be uneducated and can’t spell.
Reference Dictionary: A free online thesaurus and dictionary with words of the day and quotes to help you improve your reading and writing skills.
Social engineering
Information and communication technologies relies on humans one way or another, human resources, network administrators and security guards are all composed of humans, if a system is too hard to get into then hack the people in charge (aka social engineering). Some companies hire penetration testers to discover their own weak points and test staff security awareness before something happens for real.
How to become a hacker
You will want to learn human psychology, what makes people give up their password to strangers? How to get information out of people without knowing them? Can people be fooled into thinking a stranger works for the company just because he says so? All of that is used by hackers to learn of administrator passwords and much more.
Security Now podcast: Weekly podcast with computer security expert Steve Gibson, news and tutorials about hacking, security vulnerabilities and Internet privacy.
Learn HTML
Everything worthwhile to learn is on the Internet, tutorials, ebooks, software, is all served to you in websites, you should learn HTML language (not a programming language) this will be useful to understand how websites work and help you to create a blog/website or manage a forum where to interact with others.
W3Schools: Web developer portal for beginners and advanced users, you will learn how to develop a website and technologies being used to do that (HTML, XML, CSS, JavaScript, PHP, and SQL).
Hacking war games
Technology evolves quickly you need to keep learning and adapt to new challenges, security is not a target that can be reached, it is a process that you need to keep improving for ever, hackers never give up due to failure, they keep trying until they find a solution no matter how hard it is. Getting involved in an open source project will be a good way to be part of a community and keep your skills up to date, open source project take all kind of volunteers regardless of skills, if you can’t program yet maybe you can write documentation on how things work.
Another good way to keep your skills up to date and getting started in the hacking world is by joining a war game where the target is to hack other people, everything being legal and only being simulated, aka hacker games.
HackThisSite: A free legal website where to train your hacking skills, with tutorials and a forum where to discuss network security and anything related with computers.
Hacker-Project: Online hacking simulation game where you have to complete tasks like installing virii, hiding/encrypting files,recover logs, acquire computer IPs and collect profits of your hacking activities.
Get hacker status
If you help to test and debug open source software, keep the infrastructure working, write open source software, and publish useful information and submit it to conferences, you will soon come into contact with other hackers who will appreciate your help and dedication as well as admire you for your work, you will make a name for yourself and if you are good enough, get invited to conferences as a speaker, networking will help you be part of the community and maybe even find an employer or people with whom to work together in a project.
Defcon (DEFense CONdition): One of the oldest hackers conferences in the world where to meet like minded people and showcase new hacking tricks and tips.
BlackHat: A series of highly technical information security conferences that brings together hackers from government agencies, corporations and the underground world.
