Welcome to PicoCTF!

This is a pseudo-guide to getting started! Kyle Liao is an avid PicoCTF beginner and will help you through this.

First you are going to make an account with picoCTF. picoCTF is a website run by CMU(Carnegie Mellon University), displaying CTFs(capture the flags). Capture the Flags are cybersecurity challenges where one at the low level, you get information then use a cybersecurity technique to get a flag(information in a certain unique format often hidden inside the info). For picoCTF, flags are picoCTF{flag}, meaning that the flag is any kind of text between the brackets. I didn’t understand this at the beginning and just put random words inside the answer box.

So well, get to it. PicoCTF. You are going to want to go to PicoGYM which is their practice mode, the non-competition version of the game. You may want to read picoPrimer which is like a couple of textbook pages with general info to help you. My opinion, just follow along to Martin Carlise in this youtube playlist. Use his strategies along with the webshell, a CLI virtual machine, to find the solutions to problems.

Here’s the video in embedded form right here.

You won’t be able to solve all of the problems. You might not have the tools needed, or the knowledge, or patience. Just try your best. Google everything. Use the hints. You will learn something, be it a new tool, new people, a new field, anything. It’s challenging, but fun.

You can find additional CTF activities by visiting Hacker 101 CTF or CTF 101.