CTF Practice

If you find yourself on this page, you probably are looking for resources on how to get into CTFs & security.

Discussion

Real-time(ish) help from a Real People™️.

Discord: Reverse Engineering, OpenToAll, picoCTF, CryptoHack
Reddit: /r/securityCTF, /r/LiveOverflow

Check out the practice challenges table below - any practice sites with 💬 have an active Discord or IRC for discussion.

Video Content Creators (YouTube/Twitch)

Verbal and visual walkthroughs of challenges, concepts, & news.

Security Creators: A randomized list of security video creators/streamers, information about the type of content, and where/when to watch.

Podcasts

Insight into the CTF + security communities and news.

CTF Radiooo: A CTF podcast with teachers, creators, competitors and more from around the CTF community!
Darknet Diaries: A podcast about the hacker community and going-ons.

CTFs

Live competitions.

There are not many beginner-friendly CTFs. If you choose to play CTFs, it’s recommended you stick to a problem and continue working on it after the CTF if you don’t finish. Playing with a team is also highly recommended!

You can keep an eye out for other beginner-friendly CTFs on CTFTime. Challenge writeups can be found on CTFTime Writeups, CTF Writeups², and with a quick Google.

Practice Challenges

Challenges at your own pace.

Here are my top recommended practice sites for absolute beginners:

pwn.college 💬

Best of Courses: Livestream and recorded lectures. Tons of challenges for each topic, really leaning into “practice makes perfect”.

Pwnable.kr 💬

Best of Pwn: *nix pwnables of progressing difficulty.

Microcorruption

Best of Rev: Embedded reverse engineering challenges an online debugging environment.

PortSwigger Web Security Academy

Best of Web: Extensive learning materials & labs for practice. Learning material is very detailed and labs are setup as checkpoints throughout the learning material.

CryptoHack 💬

Best of Crypto: Lessons and challenges of increasing difficulty covering crypto basics and more advanced topics.

picoGym 💬

Best of Variety: Many challenges targeting a variety of skills, created for absolute beginners.

	Beginner	Teaching	Paid	Discussion	Unix	Windows	Mobile	Pwn	Rev	Web	Crypto	Misc
pwn.college	👶	✏️		💬	🐧			💣	⚙️	🕸️
Pwnable.kr	👶			💬	🐧			💣	⚙️
OverTheWire	👶			💬	🐧			💣
Gracker	👶				🐧			💣
SmashTheStack					🐧			💣
Microcorruption	👶				🐧			💣	⚙️
Pwnable.tw								💣
Exploit Exercises (VulnHub mirror)					🐧			💣
Pwnable.xyz	👶				🐧			💣
Pawnyble		✏️			🐧	🪟	📱	💣
HackSysExtremeVulnerableDriver						🪟		💣
Nightmare	👶	✏️			🐧			💣	⚙️
Pwn Adventure 3: Pwnie Island						🪟		💣	⚙️			🤷
FlareOn					🐧🍎	🪟	📱		⚙️
Reversing.kr									⚙️
NetGarage					🐧				⚙️
Challenges.re					🐧🍎	🪟			⚙️
Crackmes					🐧🍎	🪟			⚙️
Android App Reverse Engineering 101							📱		⚙️
awesome-mobile-CTF							📱		⚙️
PortSwigger Web Security Academy	👶	✏️								🕸️
OWASP Juice Shop	👶									🕸️
Damn Vulnerable Web App	👶									🕸️
chall.stypr.com				💬						🕸️
Lord of SQLi										🕸️
webhacking.kr				💬						🕸️
Websec.fr										🕸️
Hacker101 CTF										🕸️
Webhacking.kr										🕸️
XSS Payloads Training										🕸️
HackThisSite	👶									🕸️
Google XSS Game	👶									🕸️
bWAPP										🕸️
Google Gruyere										🕸️
WebGoat										🕸️
PentesterLab			💵							🕸️
CryptoHack	👶	✏️		💬							🔢
Cryptopals	👶										🔢
picoGym	👶			💬	🐧			💣	⚙️	🕸️	🔢	🤷
247CTF	👶			💬	🐧			💣	⚙️	🕸️	🔢	🤷
Google CTF Beginner’s Quest	👶			💬	🐧			💣	⚙️	🕸️	🔢	🤷
HackTheBox	👶	✏️	💵	💬	🐧	🪟	📱	💣	⚙️	🕸️	🔢	🤷
CTFLearn	👶			💬	🐧			💣	⚙️	🕸️	🔢	🤷
Root-me	👶			💬	🐧	🪟		💣	⚙️	🕸️	🔢	🤷
Capture the Flag at UCF	👶							💣	⚙️	🕸️	🔢	🤷
VulnHub
Hacker.org										🕸️	🔢
Ringzer0
Hellbound Hackers				💬				💣	⚙️	🕸️	🔢	🤷
W3Challs					🐧	🪟		💣	⚙️	🕸️	🔢	🤷
Hacker Gateway										🕸️	🔢	🤷
flaws.cloud												🤷
flaws2.cloud												🤷
TryHackMe			💵
CTF Academy										🕸️	🔢	🤷
CyberSecLabs			💵		🐧	🪟						🤷
Rop Emporium	👶							💣

Footnotes

Has not been run since 2019. ↩
Has not been updated since 2018. ↩