Open in app

Sign in

Write

Sign in

Grand Canyon University CTF Beta Test Write Up

CyberQueenMeg
4 min readJun 13, 2023

I had the amazing opportunity to beta test the new CTF created by the GCU Cyber Center of Excellence at their June Cyber Saturday workshop on June 5th, 2021. This CTF is unique because it is so much more than hacking. It covers every major cybersecurity domain on the Cybersecurity Domain Mind Map (shown below) created by Henry Jiang and updated in March of 2021 to reflect the changes in cybersecurity over the past few years.

Cybersecurity Domain Mind Map

As you can see, this CTF covered a LOT of ground. It had over 120 questions. Lots of the challenges were written responses and based on questions similar to those on the CompTIA Security+ exam. I placed 2nd in the 3 hour beta testing period and thoroughly enjoyed the refreshingly different format of this CTF that made it accessible and engaging to beginners and security pros alike. Because there were so many questions, I will summarize each category and describe the performance-based challenges that I completed in more of a walk-through style.

Cryptography:

This category dealt a lot with hash encoding and cipher decryption (mainly Caesar ciphers). We were given different cipher codes to decrypt and hashes to decrypt and/or determine the type of hash using hash-identifier on Kali Linux. I completed 6 out of the 10 cryptography challenges in the three hour period. My favorite challenge in this category was definitely “How many clicks?” We were given a cipher to decrypt that told us that we had a Python file to inspect and find the flag in. I opened the python file in VSCodium and found the code right away AND avoided the Rick-Roll I would have encountered if I had executed the file. (A rick-roll is where somebody puts the music video to Rick Astley’s ‘Never Gonna Give You Up’ as a deterrent from real information or just as a prank. It’s kind of odd.)

Bonus Challenges:

From what I heard from other participants and the CCE coordinator, these were made by the company hosting the CTF platform, not GCU, and had several flaws. I have not solved any of these yet. They are hacking based.

Forensics:

The Forensics section of the CTF was very fun! I solved 3 out of the 6 problems, and all 3 of them had to do with inspecting a log file hidden on the CTF website designed for exploitation. It was fun going through the file and finding hidden secrets to solve the three puzzles that I did solve and it was nice that it was web based and I didn’t have to use WireShark this time and I could focus my energy solely on comprehending what the log file was saying instead of trying to use a complex tool and understand the file.

Steganography:

There was only 1 steganography challenge where a file was hidden on the vulnerable CTF site and I have not gotten to it yet.

Networking:

The Networking challenges were written answers and dealt with the OSI model, IPs and routing, and network security best practices. I completed 12 out of the 23 networking challenges.

Security Practices:

The Security Practices challenges were also written answers and dealt with social engineering and device security practices. I completed 5 out of the 11 Security Practices challenges.

Hacking:

Despite the name, the Hacking section consisted of written answers and dealt with the different kinds of hackers, types of attacks, and historical cyber attacks. I completed 11 out of the 18 Hacking challenges.

Programming:

The Programming section was written and dealt with SQL injection, Android, and debugging. I completed 2 out of the 3 Programming questions.

Ports & Protocols:

The Ports & Protocols section was written and dealt with different networking ports & protocols. I completed all 10 Ports & Protocols challenges.

Trivia:

The Trivia section was written and contained historical computer trivia. I completed all 4 Trivia challenges.

Malware:

The Malware section was written and contained challenges about different types of malware. I completed all 6 Malware challenges.

Linux:

The Linux section was written and contained challenges about using the command line in Linux. I completed 2 out of the 3 Linux challenges.

Overall, I really enjoyed the diversity that this CTF presented. There were challenges that could be easily solved by beginners but also challenges that challenged experienced hackers. It was easy to find my hacking rhythm and get into a solid groove which was really enjoyable. I would highly recommend this CTF to anybody interested in cybersecurity, regardless of their experience in the field.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Cybersecurity
Hacking
Ctf
CyberQueenMeg
CyberQueenMeg

Written by CyberQueenMeg

59 Followers
28 Following

GCU ‘25. DFIR Intern @ Cisco, Cybersecurity/tech nerd, musician (violin, piano, & guitar), Christian, and bug bounty hunter.

No responses yet

Write a response

What are your thoughts?

More from CyberQueenMeg

Recommended from Medium

Lists

Spell AI Automation
An image by the author.
iPhone displaying the new intelligent Siri

Tech & Tools

23 stories409 saves

Medium's Huge List of Publications Accepting Submissions

414 stories4678 saves

Staff picks

826 stories1649 saves
Robot hand touching human hand

Natural Language Processing

1977 stories1619 saves

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams