My First Legally Hack.
When I saw another internal competition, this time in partnership with MetaCTF and offering some good prizes, I raised an eyebrow and thought, “Why not? But… what even is a CTF?” The last thing I’d won internally was a photo contest that earned me a pocket camera, so I signed up mostly out of curiosity. I’d spent roughly 30 hours that week, 6 p.m. to midnight, Monday through Friday glued to my chair, completely absorbed in challenges ranging from binary exploitation to forensics.
A Jeopardy-style Capture The Flag (CTF) is a cybersecurity competition built from independent challenges across areas like web exploitation, cryptography, forensics, reverse engineering, and binary exploitation. Each challenge hides a “flag” worth points, and you can solve them in any order — whether that means extracting data from a PCAP file, reversing a tiny binary to uncover a password, or exploiting a vulnerable login page. It’s a puzzle-driven format that rewards creativity, technical intuition, and the ability to think like a hacker.
One of the most frustrating tasks involved “talking” to a troll to convince it to give me the flag. And of course, I had to do it on a virtual machine over our internal VPN. Imagine typing one letter, waiting three seconds for it to appear, then continuing with the next hundred characters. A typo meant even more waiting. It was an hour of pure slow-motion agony. But that’s what attackers do — they don’t give up until they get what they want. And to prevent any attacks, you need to know how how they think, and what they do. The irritation pushed me to continue the next day, and after guessing the password, the troll finally revealed the flag. The relief was incredible.
Another challenge that made me feel like a I have super powers was cracking the password of a protected file using brute force. I couldn’t believe how easy it was. If someone like me, with minimal security experience, can do that… imagine what a skilled attacker can do. They could probably do it with their eyes closed.
To my surprise, I ranked 1st out of 36 for Solo category, earning that $100 Amazon voucher. However, the competition was small, and on top of that it was a classic beginner’s luck, right?
Knowing which algorithms to apply — and why — really matters. First, it forces your brain out of its comfort zone. Second, it’s a far better use of time than rewatching the same Netflix shows. And third, it might just become a new hobby… or even a career.
The world of cybersecurity can feel like a real battleground. There are incredibly talented people out there, and it’s heartbreaking that some choose to use their brilliance to hurt others, leaving innocent people to deal with the consequences. But thankfully, there are ethical hackers too — people who use the same sharp minds and skills to protect, defend, and quietly keep the rest of us safe.
I’ve now signed up for the monthly MetaCTF challenges to keep practicing. They’re fun, demanding, annoying when you’re stuck, frustrating when the VM lags, but incredibly rewarding. Hack, yes! The certificates you get after the challenge might not mean much to anyone else, but to me it’s just a pat on the back which means: Well done, you learned something today!
Apart from MetaCTF website https://app.metactf.com/login, there are other great ways to learn:
