Many folks ask me how you can get started as a penetration tester. Save for a real-life penetration test, capture-the-flag (CTF) competitions are probably the most effective ways for you to hone your offensive security skills. What's best: they're a ton of fun, even for experienced pentesters. The folks over at CTF365.com have put together a one-off CTF called Hacker's Dome, which will start on May 17th and run for 48 hours, so save the date.
Hacker's Dome - First Blood CTF is a beginner/intermediate level which means that is open to anyone who wants to benchmark their hacking skills. Though it will last 48 hours the average time you're likely to spend on it would be few hours. The CTF is online only, leveraging the virtual platform from CTF365.com. Participants will get a VPN login to access the CTF network. First Blood winners will get prizes worth $6,000.
According to the CTF's rule page: “We design the challenges with public vulnerabilities or known misconfigurations. Most of them can be found on exploit-db.com or other public sources. We don't target 0-day vulnerabilities, so you won't have to disclose your knowledge about arcane methods for getting access to a machine. We use Kali and the basic tools for the purpose of demonstrating the concept of a CTF challenge when we discuss the technical aspects of a competition.”
At Rapid7, we're always happy to support these kind of community events, so we've donated one 1-year license of Metasploit Pro for the CTF raffle, which includes other awesome prizes. If you'd like to try out Metasploit Pro right now, or to participate in the CTF, you can download a free 14-day trial of Metasploit Pro.
You can participate the Hacker's Dome CTF for an fee of $46. The competition is free of charge for those of you who own a CTF365 Bronze Account and only $46 for those who wants just to play Hacker's Dome – First Blood CTF.
If this CTF sounds like a fun idea, block out that weekend and enroll now.