Trace Labs CTF Judge vs Member

Trace Labs CTF Judge vs Member

Previously, I had participated in Trace Labs virtual CTF on July 13 which my experience can be read at Trace Labs Global Remote 2 CTF. After finishing that CTF, I decided to be a remote judge for the Oct 11 CTF in Australian from the United States. One thing to remember, Trace Labs CTF are passive research contests. You can read the CTF Rules and the company and volunteers will refer to these rules during the CTF. Please remember one thing: do not contact family, law enforcement, or anyone else outside the CTF.

The above slideshow are the states released by @TraceLabs for the event. For the complete event (6 hrs), everyone generated 3912 total leads which is impressive.

@AustCyber posted some information as well about the CTF.

As for judging, I think a person who wants to judge needs some information on how to look at OSINT information. The person may not need to understand how to locate and search for the information through the tools such as the OSINT Framework; however, many of the pieces of information submitted were from the deep web, or websites not indexed by search engines or hidden behind a login wall. Understanding OSINT techniques will help with both participating and judging these CTFs.

Should someone judge before participating? I think that is up to the particular person. Personally, I was better prepared with what information was being gathered and how that information would be presented on the platform from an investigator. Although since the platform performs relatively the same for judges and investigators, there is no harm in judging before participating in a CTF.

I think judging remain easier to work on since many of the investigation techniques are not required and exposes a person to how to perform OSINT through the passive techniques.

I find OSINT interesting but I need more experience at it. For those looking for some OSINT puzzles, you can follow @quiztime on Twitter which posts puzzle from a bunch of people. These posts are mainly video and imagery OSINT.