PicoCTF is an amazing capture the flag competition targeting middle and high school students. It’s a game that consists in solving various computer security challenges from different domains, see the picture below. 🙂


While I’m just starting out to explore the field of computer security I feel that I’ve learned a lot doing these challenges, there are many other challenge sites on the internet but their difficulty is for experienced users, beginners like me often struggle as there are no hints and you don’t know how to tackle the problem. Doing PicoCTF has helped me solve the “Classic, yet complicated!” crypto challenge from HackTheBox in less than 5 minutes! Things will start ticking once you have the foundations laid out.

Completing the first level will teach you:

  • How to analyze .pcap files using Wireshark.
  • How to use ssh.
  • How to break a substitution cipher and a polyalphabetic cipher.
  • How to decrypt AES using python.
  • How to decode base64 values.
  • How to use the RSA formula.
  • How to input non printable characters in the command line.
  • How to display non printable characters in the command line.
  • How the role HTML, CSS and JavaScript in a website.
  • How to bruteforce the arguments of a binary using bash.
  • How to exploit relative paths.
  • How to use Netcat.
  • What are binary numbers, hexadecimals and md5 hashes.
  • How to navigate better with the command line.
  • How to use various command line tools.
  • How to manipulate the client-side code of a website.

I’m like o.o right now! That’s quite amazing! I definitely didn’t know what SSH was until my last year of high school or so.

The challenges are pretty easy and anyone with some basic computer science knowledge can do them.

The next PicoCTF game starts in 28-SEPTEMBER-2018.

Happy hacking!