Welcome to the AC-Hunter™ CTF Challenge!
Below are instructions for accessing the AC-Hunter CTF environment and AC-Hunter CTF instance.
Please read before starting the challenge.
In this Capture The Flag challenge, you’ll use a read-only version of AC-Hunter to answer a series of threat hunting questions. Each answer has a point value of 10 or 15. You can use your collected points to receive hints to answer questions you may need help with.
Good luck and have fun!
Complete the following steps to create an account at the CTF environment:
- Step 1: Access the CTF space here: https://achunter.ctfd.io/
- Step 2: Click “Register” on the right-hand side of the main menu bar
- Step 3: Create an account to access the CTF questions
Once you finish creating your account, you should see the Challenges screen like this:
The series of CTF questions correspond with the “dnscat2-ja3-strobe” dataset in AC-Hunter. Follow the steps below to access the AC-Hunter instance before attempting to answer any questions.
AC-Hunter CTF Instance
This version of AC-Hunter is read-only to prevent accidental edits or whitelist entries, so some normally available features have been disabled.
Use the following information to log in to the read-only version of AC-Hunter:
Once logged in, you will need to select a dataset. For this CTF, you will use dataset dnscat2-ja3-strobe (highlighted in red below).
First, select “dnscat2-ja3-strobe” and click “Confirm” in the lower right-hand corner:
Once you have selected the dataset and clicked “Confirm”, it will bring you to the AC-Hunter dashboard screen with the selected dataset data loaded:
The series of CTF questions corresponds with the dnscat2-ja3-strobe dataset in AC-Hunter.
To switch between datasets and access the AC-Hunter settings: From the Dashboard, click the gear icon (circled in green below) on the upper-right-hand side of the dashboard:
In the Database section of the AC-Hunter Settings screen, choose the new dataset and click Confirm in the bottom-right corner:
- Play around! Check out all of the features in AC-Hunter and have some fun getting used to the interface
- All available datasets in AC-Hunter (for the CTF and the others) have several compromised hosts for your threat hunting pleasure 🙂
- This version of AC-Hunter is set to read-only to prevent any accidental edits or whitelist entries, so some normally available features have been disabled
- Feel free to choose any of the other sample datasets in AC-Hunter, put on your Threat Hunter hat, and see if you can find other compromised hosts in the other sample datasets for fun
Fun Thing to Try:
In the AC-Hunter Settings menu item “Themes” you can switch between “Game Mode” and “DaVinci Mode” themes: