Capture the Flag

capture-the-flag:~|

Using your knowledge in a way to make the world a safer place? Awesome! Find a short how-to here.

On this websites a lot of challenges are featured with the goal to hack something or someone with the goal to teach you how to protect yourself against hackers. But: these cool hacker skills can also be used to do very bad things. When you start solving the puzzles, you must know a couple of things. For example what ethical hacking is.

When you search the dictionary for the word "ethical", it says you're doing the right thing. So an ethical hacker hacks to do the right thing: to make things safer. Sometimes it happens that young hackers don't use their knowledge to do the right thing: they hack a game to get a better score or find it exciting to do things that are not allowed. And you can and will get punished when you do thing online that are not allowed.

Many websites have a so-called responsible disclosure policy on their website. Sometimes this is also called coordinated vulnerability disclosure. This means that if you have found a flaw or vulnerability in a company's system or website, you must notify the organization as soon as possible. They then have the chance to fix this error before another hacker abuses it. So if you find such a flaw, error or mistake, you should not immediately post it on your Twitter or Facebook or tell all your friends. First you give the company a chance to fix it. If they fix it, you can post it online so your friends can see how 1337 you are. Sometimes you even get a thank you from the company for finding bugs or vulnerabilities!

In some cases, the vulnerability or flaw is so bad that you can download a lot of information that you shouldn't actually view at all. Maybe customer data or secret documents. If you have found this you may - for example - take a screenshot to show that you were able to see such data, but make sure you remove the personal data from this screenshot! Downloading all data or information is of course not allowed, even if you report it! That is a gray area, some people say that you are a gray hat hacker. You are a white hat hacker if you do it according to the rules with the aim of making the world a safer place. A black hat hacker on the other hand is using this knowledge to do bad things, like downloading all information and asking money for it or make systems inaccessible.

That is why it is important that we as white hat (or ethical) hackers are ahead of the bad hackers!

| score board | how to