Put Your Hacking Skills To The Test With Facebook’s Open-Sourced Capture The Flag Platform

Those just starting out in the cybersecurity field can now test their hacking skills in a safe and secure environment.

Today, Facebook announced that it is open-sourcing its Capture the Flag (CTF) platform on GitHub to encourage students and developers to learn more about online security and bugs, according to Venture Beat.

Capture the Flag competitions are used at hacker conventions such as Def Con, highlighting attacks and vulnerabilities in computer security.

Gulshan Singh, a software engineer on Facebook's threat infrastructure team, competed in CTFs during his days at the University of Michigan, and successfully found a job in his chosen field.

"It exposed me to a fun and practical side of security that I didn't get in class," he said in a company blog post. "I learned about RSA encryption in my computer science courses, but CTFs taught me how to break it when it wasn't properly implemented, which happens all the time in the real world. It's a lot of fun to learn this offensive side of security, but at the same time learning about these flaws makes you a better defender, as well."

This is not the first time Facebook has open-sourced its in-house programs. The company has more than 200 projects on GitHub, and in 2015, it open-sourced Infer, a code-verification tool that eliminates bugs found in mobile apps. It continues to open-source a number of other tools, such as Transform, a piece of software used to stream users' 360-degree virtual reality videos.

"Anybody will be able to run their own CTF competition — schools, universities, conferences," Javier Marcos, a Facebook security engineer who developed the first version of the software as part of a project in 2013, told Fortune.

He said the company has all the requirements for the different events and institutions to hold their own competitions, including a digital game map, registration page and a scoreboard.

CTFs offer a legally safe way to take on some hacking challenges.

"The current set of challenges include problems in reverse-engineering, forensics, Web application security, cryptography, and binary exploitation," Singh said. "You can also build your own challenges to use with the Facebook platform for a customized competition."

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics