Summary
- The YouTuber EJPT is walking through a CTFL-style cybersecurity assessment called Information Gathering CTF 1 in this video.
- They cover the five flags and how to collect them all whilst demonstrating professional methodologies and approaches to these kinds of security tests.
- The first flag is concerned with avoiding search engine crawling, and the correct answer lies in the robots.txt file.
- A comprehensive NMAP scan can provide the website details and thereby provide the second flag.
- Directory busting flags 3 and 4 can provide clues and answers, and some basic WordPress knowledge can assist with flag 4.
- Finally, hashtagging can help to find the fifth flag.
Alongside each flag, EJPT provides an insight into their own thought process to achieve the correct, and efficient, outcome.