A Beginner’s Guide to Participating in CTFs

Introduction

Most beginners assume hacking = tools.

In reality, CTF performance follows this hierarchy: Mindset -> Conceptual Knowledge -> Operating System Skills -> Programming Logic -> Security Techniques -> Tools

Apply the “Hacker Mindset”

Beginners often think like users.

You must think like an attacker.

Ask:

  • What did the developer assume?
  • What input is trusted?
  • What was forgotten?
  • What leaks information?

Follow a Basic Learning Path

Most beginners fail because they randomly try challenges.

Follow this progression:

  • Step 1: Foundations
    • Install Linux VM (Kali Linux recommended) – Get comfortable in the environment.
    • Understand the Linux command line.
    • Learn networking basics.
    • Explore file permissions.
    • Complete OverTheWire challenges – Linux mastery.
  • Step 2: First Skills
    • Complete simple Cryptography & Forensics CTF challenges.
    • Use CyberChef.
    • Master Web Exploitation basics.
    • When completing CTF challenges, ask yourself:
      • Does this look encoded?
      • Is input reflected?
      • Is metadata hidden?
      • Is something misconfigured?
    • Start with picoCTF challenges – best beginner platform.
  • Step 3: Skill Expansion
    • Learn basic reverse engineering.
    • Complete TryHackMe paths to acquire more advanced skills.
    • Participate in live CTF events.

Foundational Knowledge

The foundational building blocks for getting started with CTFs.

Linux Proficiency – Non-Negotiable

As an aspiring CTF participant, you should become comfortable with:

  • Navigating the filesystem (cd, ls, pwd…)
  • File Permissions
    • chmod – Change permissions
    • chown – Change owners
  • Pipes and Redirection
  • Searching
    • grep – a powerful command-line utility used to search for specific text patterns within files or input streams.
    • find – used to search for files and directories in a Linux file system based on various criteria like name, size, permissions, and modification time.
    • awk – a versatile text-processing utility and a complete data-driven programming language used in Linux and Unix-like systems.
  • Archives (zip, tar, gzip)
  • Networking
    • netstat – a command-line tool used to display active TCP/UDP connections, listening ports, ethernet statistics, and routing tables.
    • nc – a powerful networking utility used for reading from and writing to network connections using TCP or UDP protocols.
    • curl – a versatile command-line tool used to transfer data to or from a server using various network protocols, including HTTP, HTTPS, FTP, and SMTP.
    • ssh – a network protocol used to securely log into and manage remote computers over an unsecured network.
  • File Transfers

Networking Concepts

Advanced networking experience (such as at CCNA level) is not required. However, an understanding of basic networking concepts is highly recommended.

  • TCP vs UDP
    • TCP: Transmission Control Protocol is a reliable, connection-oriented protocol that guarantees data delivery via acknowledgments, ideal for web browsing and file transfers.
    • UDP: User Datagram Protocol is a fast, connectionless protocol that sends data without guarantees, making it suited for real-time streaming and gaming.
  • Ports and Services
  • DNS Lookup
    • dig – Shows where traffic is currently going (IPs, mail servers, name servers).
    • whois – Shows who owns the domain, registrar info, and expiration dates.
  • HTTP Request Methods
  • Headers and Cookies

Programming Thinking

You should be able to:

  • Read Python
  • Understand loops/conditions
  • Modify scripts
  • Parse data (JSON/XML)
  • Automate repetitive tasks
  • Regex basics
  • Basic C understanding (for Reverse Engineering challenges)

You will often adapt scripts rather than write from scratch.

Deep Dive into CTF Categories

Web Exploitation

Fundamental Knowledge

  • Understanding of HTML structure
  • HTTP methods (GET/POST)
  • Cookies & Sessions
  • Parameter Manipulation
  • Core Vulnerabilities:
    • SQL Injection
    • Cross-Site Scripting (XSS)
    • Directory Traversal
    • File Inclusion
    • Authentication Bypass
    • Broken Access Control (IDOR)

Basic skills required

  • Intercept requests
  • Modify/manipulate parameters
  • Replay traffic
  • Inspect responses
  • Observe server behaviour
  • Recommended tools: Burp Suite, browser DevTools

For more information, see Web Exploitation Training

Cryptography

Fundamental Knowledge

  • Understanding of Base64
  • Be familiar with Hex and Binary
  • ROT variants
  • URL Encoding
  • XOR Encryption
  • Frequency Analysis
  • Hashing

Be on the lookout for

  • Base64 layered multiple times
  • Caesar Shifts
  • Recommended Tool: CyberChef
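
Peeling stacked encodings, as an added example that is not part of the original guide: the script strips hex and Base64 layers one at a time and tries every Caesar shift at each step until a known flag prefix appears. The `flag{` prefix, the function names and the sample input are assumptions made for illustration.

```python
import base64
import binascii
import re

def rot(text, k):
    """Caesar-shift letters by k; digits and punctuation are left alone."""
    out = []
    for c in text:
        if c.isascii() and c.isalpha():
            base = ord("a") if c.islower() else ord("A")
            c = chr((ord(c) - base + k) % 26 + base)
        out.append(c)
    return "".join(out)

def decode_layer(text):
    """Return (name, decoded_text) for one hex or Base64 layer, else None."""
    s = text.strip()
    # Hex first: every hex string is also made of valid Base64 characters.
    if len(s) >= 2 and len(s) % 2 == 0 and re.fullmatch(r"[0-9a-fA-F]+", s):
        raw, name = bytes.fromhex(s), "hex"
    elif len(s) >= 4 and len(s) % 4 == 0 and re.fullmatch(r"[A-Za-z0-9+/]+={0,2}", s):
        try:
            raw, name = base64.b64decode(s, validate=True), "base64"
        except binascii.Error:
            return None
    else:
        return None
    # Only accept output that is still printable text; binary means a wrong guess.
    if not raw or any(b < 32 or b > 126 for b in raw):
        return None
    return name, raw.decode("ascii")

def peel(text, prefix="flag{", max_depth=20):
    """Strip encoding layers until some Caesar shift reveals the flag prefix."""
    layers = []
    for _ in range(max_depth):
        for k in range(26):
            if prefix in rot(text, k):
                return layers + ([f"rot{k}"] if k else []), rot(text, k)
        step = decode_layer(text)
        if step is None:
            break
        layers.append(step[0])
        text = step[1]
    return layers, None

def build_sample():
    """Constructed input: ROT13 -> Base64 -> hex -> Base64 of a made-up flag."""
    inner = base64.b64encode(rot("flag{layers_are_not_encryption}", 13).encode())
    return base64.b64encode(inner.hex().encode()).decode()
```

`peel(build_sample())` returns the list of layers it removed together with the recovered text; when no layer matches it returns the layers found so far and `None`.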

For more information, see Cryptography Training

Digital Forensics

Fundamental Knowledge

  • Analysis of
    • Images
    • PCAP Files
    • Memory Dumps
    • Documents
    • Disk Images
  • Required to understand
    • File signatures
    • Metadata extraction
    • Archive inspection
    • PCAP analysis
    • Hidden data discovery
  • Recommended commands
    • file – a standard Unix and Linux utility used to identify the type of a file based on its actual content rather than its file extension.
    • strings – a command-line utility used to extract and display sequences of printable characters from binary or non-text files.
    • binwalk – a command-line tool used to analyze, reverse engineer, and extract data from binary images.
    • exiftool – a command for reading, writing, and editing metadata.
  • Recommended tools
    • Autopsy
    • Wireshark
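
File signatures and hidden data discovery, as an added example that is not part of the original guide: the script identifies a file by its magic bytes instead of its extension, then walks the PNG chunk list to report anything stored after the IEND chunk. The function names, the file name `notes.txt` and the sample bytes are constructed for illustration.

```python
import struct
import zlib

# Well-known magic bytes found at offset 0 of each format.
SIGNATURES = {
    b"\x89PNG\r\n\x1a\n": "png", b"\xff\xd8\xff": "jpg", b"GIF8": "gif",
    b"PK\x03\x04": "zip", b"%PDF-": "pdf", b"\x7fELF": "elf", b"\x1f\x8b": "gzip",
}

def identify(data):
    """Return the format name whose signature starts the data, else None."""
    for magic, kind in SIGNATURES.items():
        if data.startswith(magic):
            return kind
    return None

def png_trailing_data(data):
    """Walk the PNG chunk list and return any bytes stored after IEND."""
    pos = 8  # skip the 8-byte signature
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length  # length field + type + body + CRC
        if ctype == b"IEND":
            return data[pos:]
    raise ValueError("truncated PNG: no IEND chunk found")

def triage(name, data):
    """Compare the claimed extension with the content and report appended data."""
    ext = name.rsplit(".", 1)[1].lower() if "." in name else ""
    ext = {"jpeg": "jpg", "gz": "gzip"}.get(ext, ext)
    kind = identify(data)
    extra = png_trailing_data(data) if kind == "png" else b""
    return {"claimed": ext, "actual": kind,
            "mismatch": kind is not None and ext != kind,
            "trailing_bytes": len(extra), "trailing_type": identify(extra)}

def chunk(ctype, body=b""):
    """Build one PNG chunk: length, type, body, CRC-32 over type and body."""
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def build_sample():
    """Constructed input: a chunk-valid 1x1 PNG skeleton with a ZIP header appended."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    png = b"\x89PNG\r\n\x1a\n" + chunk(b"IHDR", ihdr) + chunk(b"IEND")
    return png + b"PK\x03\x04" + b"constructed-hidden-archive"
```

`triage("notes.txt", build_sample())` reports a PNG behind a `.txt` name with 30 trailing bytes that start with a ZIP signature, the same kind of finding `file` and `binwalk` surface on real challenge files.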

For more information, see Forensics Training

Reverse Engineering

Skills

  • Identifying executable types
  • Reading pseudo-code
  • Following logic branches
  • Identifying checks
  • Extracting hardcoded secrets

Able to recognize

  • Function calls
  • Loops
  • Conditionals
  • Stack usage

For more information, see Reverse Engineering Training

The Fastest Path to Becoming Good

If you remember only one thing:

Play → Fail → Research → Retry → Document

Repeat hundreds of times.