This last week I participated in two CTF competitions, March Hackness and PancakesCon. Both had a CTF from Cmd+Ctrl, but each were using different sites. The March Hackness used the Shadow Bank site, that I have attempted before at DefendCon this last year, and PancakesCon used the InstaFriends site.
After competing in these I decided to pull up the score cards and compare them and wow was I surprised.
Monitoring your progress in learning is important as it helps you see your strong points and weak points that need to be worked on.
I use CTF competitions to monitor my progress in application penetration testing and my growth in understanding of the systems that can be used.
SideNote: What is a CTF?
For those that don't know what this style of CTF (Capture The Flag), it is an online competition where users find vulnerabilities in intentionally vulnerable websites and the stop scoring people usually wins some kind of prize.
Fun right? I think so. =)
I never really had a checkpoint before as I had yet to attempt a CTF challenge twice, until this last week.
The Shadow Bank site was that progress check point for me and wow have I made some good progress.
My first attempt at the CTF was at DefendCon on September 26/27, 2019 and I was only able to get 1395 points (and most of those were from my bf poking around at it the second day when he was listening to talks with me.) I didn't do super well on my own.
It felt good to see what I had made a LOT of growth in a lot of areas
In 6 months I was able to add 6000 points to my score and see that SQL injection is still a weak point of me. And the image above shows a HUGE jump in difficulty that I was able to accomplish.