CTFs are competitive hacking events: like ACM ICPC, but in computer security. Teams get a number of tasks or challenges about cryptography, binary reverse engineering, web vulnerabilities, network security, digital forensics, etc - all the topics that computer security engineers work with.
Each challenge has a goal, e.g. find a vulnerability and extract the administrator's password from website database. Upon solving the challenge, team gets a flag - some secret string like ISITDTU{this_is_flag}. Team submits it in exchange for points. The team with most points, wins.
CTFs allow using any means or tools to solve challenges and outperform other teams.
At the same time, some actions can break the fun for other people. For example:
Don't delete flags or break services. While organizers try to maintain challenge resilience, mistakes will be made. Instead of abusing them, report them to the orgas for kudos.
Don't share flags or ask for flags. It's a competition, do your personal best.
Don't generate excessive load. Bruteforcing or DirBusting will not be necessary, let's keep it down.
Don't troll, spam, flood in the chats.
Don't register multiple accounts.
Organizers will guard the fun by punishing the fun-ruiners.
