Facebook Open-Sources Their Capture-the-Flag Hacking Challenges

If you want to learn how to defeat computer security, nothing beats hands-on experience. Of course, if you get your hands on someone’s system without their permission, you may end up having a very short training that ends with a jail term. And that’s where capture-the-flag (CTF) events come in.

A CTF is a system of increasingly-difficult challenges that can’t be too easy or too hard. A well-designed CTF teaches all of the participants stuff that they didn’t know, no matter how far they get and what skills they came in with. Designing a good CTF is difficult.

But since it’s also a competition, running one also involves a lot of horrible bookkeeping for the folks running it. Registering teams and providing login pages is the dirty work that you have to do in the background, that takes away time from building the systems which others are going to take apart.

Which is why it’s great that Facebook is opening up their CTF-hosting platform, along with a few starter challenges, for us all to play along. We love CTFs and related hacking challenges. If this spurs the creation of more, we’re all for it. You can find the whole setup on GitHub.

If you’re new to CTFs, here’s an awesome collection of CTF-related material on GitHub to get you started. And if your tastes run more toward hardware hacking, we’ve covered previous firmware CTFs, but frankly there’s a lot more material out there. We feel a feature post coming on…

Thanks [ag4ve] for the unintentional tip!

3 thoughts on “Facebook Open-Sources Their Capture-the-Flag Hacking Challenges

  1. Quote: “Of course, if you get your hands on someone’s system without their permission, you may end up having a very short training that ends with a jail term”

    Not in my country. Here the crime is “circumventing security”. I doesn’t matter if you are security testing your **OWN** server or entering a competition like this, you can still get very harsh criminal penalties (a long time away).

    On a side note our country has the worlds worst record for the number of victims of cyber crime. Yep – dumb politicians writing even stupider laws.

    1. Well, the quote you referenced is still mostly true then…

      Regardless, it might be time to start planning to move somewhere with more FREEDOM (so anywhere other than America and NK :P )

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.