This last week I participated in two CTF competitions, March Hackness and PancakesCon. Both had a CTF from Cmd+Ctrl, but each were using different sites. The March Hackness used the Shadow Bank site, that I have attempted before at DefendCon this last year, and PancakesCon used the InstaFriends site.
After competing in these I decided to pull up the score cards and compare them and wow was I surprised.
Importance of progress
Monitoring your progress in learning is important as it helps you see your strong points and weak points that need to be worked on.
I use CTF competitions to monitor my progress in application penetration testing and my growth in understanding of the systems that can be used.
SideNote: What is a CTF?
For those that don't know what this style of CTF (Capture The Flag), it is an online competition where users find vulnerabilities in intentionally vulnerable websites and the stop scoring people usually wins some kind of prize.
Fun right? I think so. =)
My Progress Check Points
I never really had a checkpoint before as I had yet to attempt a CTF challenge twice, until this last week.
The Shadow Bank site was that progress check point for me and wow have I made some good progress.
First Time
My first attempt at the CTF was at DefendCon on September 26/27, 2019 and I was only able to get 1395 points (and most of those were from my bf poking around at it the second day when he was listening to talks with me.) I didn't do super well on my own.
Second Time
My second attempt at the CTF was this last week on March 19-21, 2020 and I was able to get 7720 points without any help. I scored in the top 40 people and at one point I was the 11th from the top.
Growth
It felt good to see what I had made a LOT of growth in a lot of areas
In 6 months I was able to add 6000 points to my score and see that SQL injection is still a weak point of me. And the image above shows a HUGE jump in difficulty that I was able to accomplish.
I went from only getting easy on my own to getting a good amount of "hard" flags. Go me.
Top comments (2)
Love it. ❤️
That is brilliant. It is very interesting to see your progression. 👏
Was it the exact same CTFs, with the same vulnerabilities in Game? If so, did you think "I know that one, I found it last time"? Or was it new ones?
It was the same Shadow Bank site that Cmd+Ctrl has that I did at separate events 6 months apart and it does have the same vulnerabilities.
The only "vulnerability" that I really remembered was a hidden page that my bf had found but not how he found it. It was enjoyable to find it again without help and see my progress and understanding level.