As part of a university CTF, I was tasked with creating challenges that would test players’ knowledge, encourage competition in a thrilling atmosphere, and introduce them to new concepts. And what better way to do that than with an original category designed to push them beyond their comfort zones?

I’ve always been fascinated by real-world scenarios and network penetration testing, so for this CTF, I decided to simulate a corporate network and design a four-task suite focused on network security:

• Wi-Fi Cracking — Capturing a handshake and brute-forcing the password.
• Man-in-the-Middle (MITM) Attack — Intercepting an admin’s HTTP session cookie.
• Escaping a Python Network Jail — Exploiting a restricted Python environment.
• DNS Spoofing Attack — Redirecting a victim to steal their credentials.

This challenges set demonstrated the real-world implications of various network security vulnerabilities and exploitation techniques. By leveraging weaknesses in authentication, network protocols, and insecure configurations, we successfully intercepted sensitive data, manipulated traffic, and bypassed security restrictions.

These exercises highlight the critical importance of implementing:

• Strong encryption
• Secure authentication mechanisms
• Proper network monitoring and segmentation

Security is an ongoing battle — understanding these vulnerabilities is the first step toward building more resilient systems.