Introduction
If you are reading this page, you have probably been referenced here for one of a few reasons:
- You are a new/prospective member of ACM Cyber at UCLA / Psi Beta Rho.
- You are someone looking to get into playing CTFs.
- Someone interested in learning about cybersecurity.
This wiki is meant to be a collection of resources for learning about cybersecurity, particularly through CTFs. This is meant as both a starting point for beginners and a reference for more experienced players. This page is meant to explain some critical points when getting started with CTFs.
Where do I start?
This is probably one of the most popular questions the members of our club get. While this wiki was a project trying to solve this question, it by no means is a perfect solution. In fact, part of the beauty of cybersecurity / CTFs is that it is so interdisciplinary and that much of what you learn is from building experience. For that reason, the answer is to just start! The following video by LiveOverflow is also a great answer to this question that we highly recommend watching.
How to use this wiki?
In the current form of the wiki, it is not meant to be a text book but rather a collection of resources for people to explore. The order of the chapters is not to indicate any sort of importance or order of learning, but rather to group similar topics together. We recommend that you explore the wiki and find what interests you. A future goal of this project is to add a bit more context to each sort of field within cybersecurity, but for now we recommend looking at each chapter and seeing what interests you. The most important thing is to just start! Additionally, do not be afraid to ask questions! The members of our club are always happy to help.
What are CTFs?
CTF 101: https://ctf101.org/ CTF Field Guide: https://trailofbits.github.io/ctf/
Capture The Flag competitions (CTFs) are cybersecurity competitions where teams solve challenges to win points. These challenges generally involve exploiting some vulnerability in a target piece of code, which contains a secret "flag" (a unique string) that can only be accessed through exploiting said vulnerability. Once someone has figured out the exploit and captured the flag, they submit it for points, hence the name Capture The Flag.
Some common categories of challenges include Binary Exploitation (pwn), Reverse Engineering, Cryptography, and Web Exploitation, to name a few. Don't worry if you don't know what these mean yet, this repository should help with that!