CTF Tools Teaching Guide (2h30m Session)
■ Session Goal
By the end of this session, students should:
- Understand what CTF tools are used for
- Be able to use the most important ones hands-on
- Know how to chain tools during recon, enumeration, and exploitation
- Be ready to use them in real CTFs
■ Session Structure (2h30m)
| Time | Segment | Topic |
|---|---|---|
| 0:00 – 0:10 | Kickoff & Context | What are CTFs? Tool categories? Real demo goals |
| 0:10 – 0:30 | Recon Tools | nmap, whatweb, gobuster, dirsearch |
| 0:30 – 0:50 | Web Tools | Burp Suite, curl, httpx, nikto |
| 0:50 – 1:05 | OSINT & Online Tools | CTFtime, CyberChef, ExifTool, strings, base64, hash-id |
| 1:05 – 1:25 | Cracking Tools | hashcat, john, rockyou, hydra |
| 1:25 – 1:45 | Binary & Reversing Tools | Ghidra, GDB, ltrace, strace, file |
| 1:45 – 2:00 | Exploitation Tools | netcat, pwndbg, Metasploit, Searchsploit |
| 2:00 – 2:20 | Practical CTF Flow | Combine tools on a basic challenge |
| 2:20 – 2:30 | Q&A & Resources | Ask questions, recommend labs, and give next steps |
■ Recon & Scanning
| Tool | Use |
|---|---|
| nmap | Network scanner & service enumeration |
| gobuster / dirsearch | Directory brute-forcing |
| whatweb / httpx | Identify technologies |
| theHarvester | OSINT for emails/domains |
■ Web Testing
| Tool | Use |
|---|---|
| Burp Suite | Manual and automated web analysis |
| curl | Interact with HTTP |
| httpx | Quickly check live hosts from lists |
| nikto | Basic web vulnerability scanner |
■ OSINT / File Analysis
| Tool | Use |
|---|---|
| CyberChef | Decode, encode, convert (online) |
| ExifTool | Extract metadata from files/images |
| strings | Pull ASCII from files |
| binwalk | Analyze firmware or image files |
■ Cracking Tools
| Tool | Use |
|---|---|
| hashcat / john | Password cracking |
| hydra | Brute-force login credentials |
| rockyou.txt | Common password list |
■ Binary / Reversing
| Tool | Use |
|---|---|
| Ghidra / Cutter | Reverse engineering binaries |
| GDB / pwndbg | Binary debugging |
| ltrace / strace | Trace library/system calls |
| file | Identify file types |
■ Exploitation
| Tool | Use |
|---|---|
| netcat (nc) | Shells, listeners, data transfer |
| Searchsploit | Search for exploits |
| Metasploit | Exploit automation |
■ Practical Activity (20 mins)
Pick 1 simple CTF challenge (e.g., from PicoCTF, TryHackMe, or HackTheBox) where students:
1. Scan with `nmap`
2. Find web content with `dirsearch`
3. Use `Burp` to analyze input
4. Crack a hash with `john`
5. Use `netcat` to get a shell

This reinforces real usage of tools.
■ Bonus Resources
| Type | Tool |
|---|---|
| Challenges | PicoCTF, TryHackMe, HackTheBox |
| Practice | OverTheWire, CyberChef, CrackStation |
| Cheatsheets | GTFOBins, PayloadsAllTheThings, HackTricks |
■ Final Checklist for Instructor
- [ ] Prepare one simple CTF challenge for the practical
- [ ] Install all CLI tools beforehand
- [ ] Keep Burp & Ghidra ready
- [ ] Create a small cheatsheet handout for students
- [ ] Record screen or take screenshots for post-class notes