Challenges Leaderboard Events Blog Login Get Started
Documentation

neboctf Documentation

Everything you need to know to get started with neboctf platform

Getting Started

Creating an Account

To get started with neboctf, you'll need to create a free account. Follow these steps:

  1. Click on "Sign Up" or "Get Started" from the homepage
  2. Enter your username, email address, and password
  3. Select your country from the dropdown
  4. Accept the terms and conditions
  5. Verify your email address using the OTP code sent to your inbox
  6. You're ready to start hacking!
Note: Your email address is only used for account verification and important notifications. We respect your privacy.

Your First Challenge

Once you've created your account, here's how to tackle your first challenge:

  1. Navigate to the Challenges page
  2. Filter challenges by category or difficulty (we recommend starting with "Easy")
  3. Click on a challenge to view its details
  4. Read the challenge description and connection details carefully
  5. Start solving! Use hints if you get stuck
  6. Submit your flag when you find it

Flag Format

Standard Flag Format

All flags on neboctf follow a consistent format to make validation easier:

CTF{flag_content_here}

Flags are case-sensitive and must include the CTF{} wrapper. The content inside the braces can contain:

  • Alphanumeric characters (a-z, A-Z, 0-9)
  • Special characters like underscores (_), hyphens (-), and colons (:)
  • Spaces are typically not used
Important: Always include the CTF{} wrapper when submitting flags. Flags without this format will be rejected.

Flag Validation

Flags are validated using SHA-256 hashing for security. When you submit a flag:

  1. The system hashes your submitted flag
  2. It compares the hash with stored flag hashes
  3. If matched, you receive points and the challenge is marked as solved
  4. If incorrect, you'll see an error message

Platform Usage

Leaderboard System

Points are awarded based on challenge difficulty:

Difficulty Points Description
Easy 50-150 Suitable for beginners, introduces basic concepts
Medium 200-350 Requires intermediate skills and knowledge
Hard 400-600 Advanced challenges for experienced hackers
Note: The leaderboard requires authentication. You must be logged in to view rankings and your position.

Using Hints

Challenges may include hints to help you when you're stuck:

  • Some hints are available immediately
  • Additional hints may unlock after multiple incorrect submissions
  • Hints are designed to guide you, not give away the solution
  • Using hints doesn't reduce your points

Challenge Guide

Challenge Categories

neboctf offers challenges across multiple cybersecurity categories:

  • Web Security: SQL injection, XSS, authentication bypasses
  • Cryptography: Encryption, hashing, encoding challenges
  • Forensics: File analysis, memory dumps, network packets
  • Pwn: Binary exploitation, buffer overflows
  • OSINT: Open source intelligence gathering
  • Reverse Engineering: Binary analysis, code deobfuscation

Challenge Files

Some challenges provide downloadable files or resources:

  1. Click the "Download Files" button on the challenge page
  2. Extract and analyze the provided files
  3. Use appropriate tools for file analysis (hex editors, Wireshark, etc.)
  4. Look for hidden information, obfuscation, or encoded data

Submission Guidelines

Submitting Flags

When submitting flags, follow these guidelines:

  • Copy the flag exactly as found (case-sensitive)
  • Include the CTF{} wrapper
  • Don't include extra spaces or characters
  • Double-check your submission before clicking submit
Correct: CTF{example_flag_123} Incorrect: CTF{ example_flag_123 } Incorrect: example_flag_123 Incorrect: ctf{example_flag_123}

Rate Limiting

To prevent brute force attempts, flag submissions are rate-limited:

  • Maximum 10 submissions per minute per challenge
  • Exceeding this limit will temporarily lock submissions
  • Lock duration increases with repeated violations
  • This encourages careful analysis over guessing
Important: Rate limiting helps maintain platform integrity. Take time to analyze challenges properly rather than guessing.

Frequently Asked Questions

General Questions

Q: Is neboctf free to use?

A: Yes! Our free tier provides access to all public challenges, leaderboard participation, and community features.

Q: Do I need prior cybersecurity experience?

A: Not necessarily. We offer beginner-friendly challenges that introduce concepts gradually. However, basic computer skills are recommended.

Q: Can I practice offline?

A: Some challenges provide downloadable files that can be analyzed offline, but you'll need an internet connection to access the platform and submit flags.

Q: How often are new challenges added?

A: New challenges are released regularly. Follow our updates to stay informed about new content.

Q: Can I reset my password?

A: Yes, use the "Forgot Password" link on the sign-in page. You'll receive password reset instructions via email.

Q: Why can't I access the leaderboard?

A: The leaderboard requires authentication. Please log in to view rankings and your position on the leaderboard.