In Capture the Flag (CTF), your team take on the role of a hacker and attempt to find text strings, called "flags", which have been embedded in deliberately vulnerable servers. This feature is set up as an online competition, so your team can practice their cybersecurity skills, and measure their hacking skills against other team members. 

How does it work?

1. You schedule a competition for a specific date and time.

2. You invite participants by email.

3. When the scheduled time arrives, the competition becomes active.

4. The invited team members log in and join the competition.
   Each invitee gets their your own private “machine” (like a virtual computer).
   This machine has some vulnerabilities (intentional weaknesses).

5. Your team members solve the challenge by:

   • Finding and exploiting these weaknesses.

   • Retrieving hidden “flags” (text strings). Usually there are two flags: User flag (easier) and Root flag (harder)

6. They submit the flags they find.

The program checks if the flags are correct.
 

Scoring

• Both flags correct = full score

• One correct = partial score

• None correct = no score

Leaderboard

Participants are ranked based on their scores.

Related Articles

• Try our CTF hacking exercises

• View Active, Scheduled and Completed CTF Sessions