This really makes me miss the Stripe CTFs. I'm guessing Google's are aimed more at top security people working together as a team, not to teach ordinary programmers how a buffer overflow acts. I usually got about 80% of the way to a T-shirt in Stripe's.
Hey all, I see a lot of comments asking about getting into CTFs. Trail of Bits has an awesome field guide [1] that I learned a ton from - check it out!
I've never heard of Capture the Flag. Can someone a bit more familiar describe what the format is exactly, or what type of questions / challenges there are? Any examples from last year's competition?
In general CTFs are a list of problems you're trying to solve in a set amount of time, ranging from a few hours to a week or so (and some open CTFs are not time bound, just for learning). They will tell you something (normally very, very minimal info or a hint) and you try to find or figure out a string to 'capture the flag' and get the points for that problem. The harder the problem, the more points you get. The person or team with the most points win.
The types of questions range depending on the CTF and the goal of the CTF. Some of things from the OWASP top 10 (1), while others might have logic problems, math problems, or reference problems where you figure out the answer instead of finding it.
I used to participate to a few as a hobby back in my university days. The online ones are generally jeopardy-styled, where you get a bunch of challenges across a variety of categories. Web, Crypto, Stego, Binary Analysis, Reverse Engineering, network packet analysis, etc. There's a bit of everything really, and they also try to have a range of difficulty with an appropriate point system.
CTFTime [0] is a great central hub for finding, tracking and reading about CTFs. After each CTF event, many people publish "writeups" which is basically their "walkthrough" of how they solved each challenge. You can try looking at those to get a rough idea of the various skill sets required for these events. The ctfs github group [1] is filled with them.
This seems quite interesting, but as a college student I have no doubt this will be outside my skill level. Any suggestions on similar, but easier CTF and similar events?