Capture the Flag

capture-the-flag:~|

Using your knowledge in a way to make the world a safer place? Awesome! Find a short how-to here.

On this website, many challenges are featured to hack something or someone to teach you how to protect yourself against hackers. But: these fantastic hacker skills can also be used to do horrible things. So when you start solving the puzzles, you must know a couple of things. For example, what ethical hacking is.

When you search the dictionary for the word "ethical," it says you're doing the right thing. So an ethical hacker hacks to do the right thing: to make things safer. But, unfortunately, sometimes it happens that young hackers don't use their knowledge to do the right thing: they hack a game to get a better score or find it exciting to do things that are not allowed.

And you can and will get punished when you do things online that are not allowed. Many websites have a so-called responsible disclosure policy on their website. Sometimes this is also called coordinated vulnerability disclosure. That means that if you have found a flaw or vulnerability in a company's system or website, you must notify the organization as soon as possible. They then have the chance to fix this error before another hacker abuses it. So if you find such a flaw, error, or mistake, you should not immediately post it on your Twitter or Facebook or tell all your friends. Instead, first, you give the company a chance to fix it. Then, if they fix it, you can post it online, so your friends can see how 1337 you are. Sometimes you even get a thank you from the company for finding bugs or vulnerabilities!

In some cases, the vulnerability or flaw is so bad that you can download a lot of information that you shouldn't view at all. Maybe customer data or secret documents. If you have found this, you may - for example - take a screenshot to show that you were able to see such data, but make sure you remove the personal data from this screenshot! Downloading all data or information is, of course, not allowed, even if you report it! That is a gray area; some people say that you are a gray hat hacker. You are a white-hat hacker if you do it according to the rules to make the world safer. On the other hand, a black hat hacker is using this knowledge to do bad things, like downloading all information and asking money for it or making systems inaccessible.

That is why white hat (or ethical) hackers must be ahead of the evil hackers!

| score board | how to