{"id":1277,"date":"2026-04-14T12:21:51","date_gmt":"2026-04-14T10:21:51","guid":{"rendered":"https:\/\/csc.ac.za\/?page_id=1277"},"modified":"2026-04-14T12:21:52","modified_gmt":"2026-04-14T10:21:52","slug":"a-beginners-guide-to-participating-in-ctfs","status":"publish","type":"page","link":"https:\/\/www.csc.ac.za\/?page_id=1277","title":{"rendered":"A Beginner&#8217;s Guide to Participating in CTFs"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\">Introduction<\/h3>\n\n\n\n<p>Most beginners assume hacking = tools.<\/p>\n\n\n\n<p>In reality, CTF performance follows this hierarchy: <em>Mindset -> Conceptual Knowledge -> Operating System Skills -> Programming Logic &#8211; > Security Techniques -> Tools<\/em><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Apply the &#8220;Hacker Mindset&#8221;<\/h3>\n\n\n\n<p>Beginners often think like users.<\/p>\n\n\n\n<p><em><strong>You must think like an attacker.<\/strong><\/em><\/p>\n\n\n\n<p>Ask:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>What did the developer assume?<\/li>\n\n\n\n<li>What input is trusted?<\/li>\n\n\n\n<li>What was forgotten?<\/li>\n\n\n\n<li>What leaks information?<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Follow a Basic Learning Path<\/h3>\n\n\n\n<p>Most beginners fail because they <strong>randomly try challenges<\/strong>.<\/p>\n\n\n\n<p>Follow this progression:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Step 1<\/strong>: Foundations\n<ul class=\"wp-block-list\">\n<li>Install Linux VM (Kali Linux recommended) &#8211; Get comfortable in the environment.<\/li>\n\n\n\n<li>Understand the Linux command line.<\/li>\n\n\n\n<li>Learn networking basics.<\/li>\n\n\n\n<li>Explore file permissions.<\/li>\n\n\n\n<li>Complete <a href=\"https:\/\/overthewire.org\/wargames\/\">OverTheWire<\/a> challenges &#8211; <em>Linux mastery<\/em>.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Step 2<\/strong>: First Skills\n<ul class=\"wp-block-list\">\n<li>Complete simple Cryptography &amp; Forensics CTF challenges.<\/li>\n\n\n\n<li>Use CyberChef.<\/li>\n\n\n\n<li>Master Web Exploitation basics.<\/li>\n\n\n\n<li>When completing CTF challenges, ask yourself:\n<ul class=\"wp-block-list\">\n<li>Does this look encoded?<\/li>\n\n\n\n<li>Is input reflected?<\/li>\n\n\n\n<li>Is metadata hidden?<\/li>\n\n\n\n<li>Is something misconfigured?<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Start with <a href=\"https:\/\/picoctf.org\/\">picoCTF<\/a> challenges &#8211; <em>best beginner platform<\/em>.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Step 3<\/strong>: Skill Expansion\n<ul class=\"wp-block-list\">\n<li>Learn basic reverse engineering.<\/li>\n\n\n\n<li>Complete <a href=\"https:\/\/tryhackme.com\/hacktivities\">TryHackMe<\/a> paths to acquire more advance skills.<\/li>\n\n\n\n<li>Participate in live CTF events.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Foundational Knowledge<\/h3>\n\n\n\n<p>The foundational blocks to get going with CTFs<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Linux Proficiency &#8211; Non-Negotiable<\/h5>\n\n\n\n<p>As an aspiring CTF participant, you should become comfortable with:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Navigate the filesystem (<em>cd<\/em>, <em>ls<\/em>, <em>pwd<\/em>&#8230;)<\/li>\n\n\n\n<li><a href=\"https:\/\/www.linuxfoundation.org\/blog\/blog\/classic-sysadmin-understanding-linux-file-permissions\">File Permissions<\/a>\n<ul class=\"wp-block-list\">\n<li><em>chmod <\/em>&#8211; Change permissions<\/li>\n\n\n\n<li><em>chown<\/em> &#8211; Change owners<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a href=\"https:\/\/www.geeksforgeeks.org\/linux-unix\/piping-in-unix-or-linux\/\">Pipes and Redirection<\/a><\/li>\n\n\n\n<li>Searching\n<ul class=\"wp-block-list\">\n<li><em>grep <\/em>&#8211; a powerful command-line utility used to search for specific text patterns within files or input streams.<\/li>\n\n\n\n<li><em>find <\/em>&#8211; used to search for files and directories in a Linux file system based on various criteria like name, size, permissions, and modification time<\/li>\n\n\n\n<li><em>awk <\/em>&#8211; a versatile text-processing utility and a complete data-driven programming language used in Linux and Unix-like systems.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Archives (zip, tar, gzip)<\/li>\n\n\n\n<li>Networking\n<ul class=\"wp-block-list\">\n<li><em>netstat <\/em>&#8211; a command-line tool used to display active TCP\/UDP connections, listening ports, ethernet statistics, and routing tables.<\/li>\n\n\n\n<li><em>nc<\/em> &#8211; a powerful networking utility used for reading from and writing to network connections using TCP or UDP protocols.<\/li>\n\n\n\n<li><em>curl<\/em> &#8211; a versatile command-line tool used to transfer data to or from a server using various network protocols, including HTTP, HTTPS, FTP, and SMTP.<\/li>\n\n\n\n<li><em>ssh <\/em>&#8211; a network protocol used to securely log into and manage remote computers over an unsecured network.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>File Transfers<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\">Networking Concepts<\/h5>\n\n\n\n<p>Advanced networking experience (such as on a CCNA-level) is not required. However, an understanding of basic networking concepts is highly recommended.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>TCP vs UDP\n<ul class=\"wp-block-list\">\n<li><strong>TCP<\/strong>: Transmission Control Protocol is a reliable, connection-oriented protocol that guarantees data delivery via acknowledgments, ideal for web browsing and file transfers.<\/li>\n\n\n\n<li><strong>UDP<\/strong>: User Datagram Protocol is a fast, connectionless protocol that sends data without guarantees, making it suited for real-time streaming and gaming.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a href=\"https:\/\/csc.ac.za\/?page_id=916\">Ports and Services<\/a><\/li>\n\n\n\n<li>DNS Loopup\n<ul class=\"wp-block-list\">\n<li><em>dig <\/em>&#8211; Shows where traffic is currently going (IPs, mail servers, name servers).<\/li>\n\n\n\n<li><em>whois <\/em>&#8211; Shows who owns the domain, registrar info, and expiration dates.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a href=\"https:\/\/www.w3schools.com\/TAgs\/ref_httpmethods.asp\">HTTP Request Methods<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.geeksforgeeks.org\/computer-networks\/http-headers-cookie\/\">Headers and Cookies<\/a><\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\">Programming Thinking<\/h5>\n\n\n\n<p>You should be able to<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Read Python<\/li>\n\n\n\n<li>Understand loops\/conditions<\/li>\n\n\n\n<li>Modify scripts<\/li>\n\n\n\n<li>Parse data (JSON\/XML)<\/li>\n\n\n\n<li>Automate repetitive tasks<\/li>\n\n\n\n<li>Regex basics<\/li>\n\n\n\n<li>Basic C understanding (for Reverse Engineering challenges)<\/li>\n<\/ul>\n\n\n\n<p>You will often <em><strong>adapt <\/strong><\/em>scripts rather than write from scratch.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Deep Dive into CTF Categories<\/h3>\n\n\n\n<h5 class=\"wp-block-heading\">Web Exploitation<\/h5>\n\n\n\n<p>Fundamental Knowledge<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Understanding of HTML structure<\/li>\n\n\n\n<li>HTTP methods (GET\/POST)<\/li>\n\n\n\n<li>Cookies &amp; Sessions<\/li>\n\n\n\n<li>Parameter Manipulation<\/li>\n\n\n\n<li>Core Vulnerabilities:\n<ul class=\"wp-block-list\">\n<li>SQL Injection<\/li>\n\n\n\n<li>Cross-Site Scripting (XSS) <\/li>\n\n\n\n<li>Directory Traversal<\/li>\n\n\n\n<li>File Inclusion<\/li>\n\n\n\n<li>Authentication Bypass<\/li>\n\n\n\n<li>Broken Access Control (IDOR)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>Basic skills required<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Intercept requests<\/li>\n\n\n\n<li>Modify\/manipulate parameters<\/li>\n\n\n\n<li>Replay traffic<\/li>\n\n\n\n<li>Inspect responses<\/li>\n\n\n\n<li>Observe server behaviour<\/li>\n\n\n\n<li>Recommended tool: BurpSuite, Browser DevTools<\/li>\n<\/ul>\n\n\n\n<p>For more information, see <a href=\"https:\/\/csc.ac.za\/?page_id=148\">Web Exploitation Training<\/a><\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Cryptography<\/h5>\n\n\n\n<p>Fundamental Knowledge<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Understanding of Base64<\/li>\n\n\n\n<li>Be familiar with Hex and Binary<\/li>\n\n\n\n<li>ROT variants<\/li>\n\n\n\n<li>URL Encoding<\/li>\n\n\n\n<li>XOR Encryption<\/li>\n\n\n\n<li>Frequency Analysis<\/li>\n\n\n\n<li>Hashing<\/li>\n<\/ul>\n\n\n\n<p>Be on the lookout for<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Base64 layered multiple times<\/li>\n\n\n\n<li>Ceasar Shifts<\/li>\n\n\n\n<li>Recommended Tool: CyberChef<\/li>\n<\/ul>\n\n\n\n<p>For more information, see <a href=\"https:\/\/csc.ac.za\/?page_id=587\">Cryptography Training<\/a><\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Digital Forensics<\/h5>\n\n\n\n<p>Fundamental Knowledge<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Analysis of\n<ul class=\"wp-block-list\">\n<li>Images<\/li>\n\n\n\n<li>PCAP Files<\/li>\n\n\n\n<li>Memory Dumps<\/li>\n\n\n\n<li>Documents<\/li>\n\n\n\n<li>Disk Images<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Required to understand\n<ul class=\"wp-block-list\">\n<li>File signatures<\/li>\n\n\n\n<li>Metadata extraction<\/li>\n\n\n\n<li>Archive inspection<\/li>\n\n\n\n<li>PCAP analysis<\/li>\n\n\n\n<li>Hidden data discovery<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Recommended commands\n<ul class=\"wp-block-list\">\n<li><em>file <\/em>&#8211; a standard Unix and Linux utility used to identify the type of a file based on its actual content rather than its file extension.<\/li>\n\n\n\n<li><em>strings <\/em>&#8211; is a command-line utility used to extract and display sequences of printable characters from binary or non-text files.<\/li>\n\n\n\n<li><em>binwalk <\/em>&#8211; a command-line tool used to analyze, reverse engineer, and extract data from binary images.<\/li>\n\n\n\n<li><em>exiftool <\/em>&#8211; a command for reading, writing, and editing metadata.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Recommended tools\n<ul class=\"wp-block-list\">\n<li>Autopsy<\/li>\n\n\n\n<li>Wireshark<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>For more information, see <a href=\"https:\/\/csc.ac.za\/?page_id=249\">Forensics Training<\/a><\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Reverse Engineering<\/h5>\n\n\n\n<p>Skills<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Identifying executable types<\/li>\n\n\n\n<li>Reading pseudo-code<\/li>\n\n\n\n<li>Following logic branches<\/li>\n\n\n\n<li>Identifying checks<\/li>\n\n\n\n<li>Extracting hardcoded secrets<\/li>\n<\/ul>\n\n\n\n<p>Able to recognize<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Function calls<\/li>\n\n\n\n<li>Loops<\/li>\n\n\n\n<li>Conditionals<\/li>\n\n\n\n<li>Stack usage<\/li>\n<\/ul>\n\n\n\n<p>For more information, see <a href=\"https:\/\/csc.ac.za\/?page_id=143\">Reverse Engineering Training<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">The Fastest Path to Becoming Good<\/h3>\n\n\n\n<p>If you remember only one thing:<\/p>\n\n\n\n<p><strong>Play \u2192 Fail \u2192 Research \u2192 Retry \u2192 Document<\/strong><\/p>\n\n\n\n<p>Repeat hundreds of times.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction Most beginners assume hacking = tools. In reality, CTF performance follows this hierarchy: Mindset -> Conceptual Knowledge -> Operating System Skills -> Programming Logic &#8211; > Security Techniques -> Tools Apply the &#8220;Hacker Mindset&#8221; Beginners often think like users.&hellip; <\/p>\n","protected":false},"author":8,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1277","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=\/wp\/v2\/pages\/1277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1277"}],"version-history":[{"count":17,"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=\/wp\/v2\/pages\/1277\/revisions"}],"predecessor-version":[{"id":1296,"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=\/wp\/v2\/pages\/1277\/revisions\/1296"}],"wp:attachment":[{"href":"https:\/\/www.csc.ac.za\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}