Atenea, a free security challenge platform

Everybody knows about TryHackMe, HackTheBox, and OverTheWire. But did you know about Atenea?

Atenea, a free security challenge platform

Atenea is a free security challenge platform developed by the (Spanish) National Cryptologic Center (CNN), under Spain’s National Intelligence Centre (CNI).

With the goal of teaching people about cybersecurity risks, while having fun, they developed a platform where you can “play” while learning. Pretty much like TryHackMe or similar platforms.

Atenea platform

How to use it

First, register here. Don’t you worry; despite being a Spanish government website, you can pick between English, Spanish and French.

After you register a new user and log in with it, go to the Challenges section. Here, you have loads of topics to start with, but I would recommend the “Basic” section.

You will be presented with a new topic, a bit of theory that you should read, and then instructions to find out what the flag is.

For example, the very first challenge is about hashes:

Atenea challenge

You read about what hashes are, then you have to calculate what is the MD5 hash for LearnTheHashFunction. In references, you have a link to an article (in Spanish) and a link to a forum where somebody asks how to create an MD5 hash from a string.

Just what we needed!

Go to the second link, learn how you can create an MD5 hash (or Google it), and turn that string into a hash, then answer the question with the following format: flag{YOUR_HASH}.

Then, you will be regarded with one point (this one was easy…) and access to the second challenge.

Just…one…challenge…more

Have you ever played one of those games, where time flies? You just blink and 3 hours happened, it is 2:00 AM and you swear that you will only play one turn more (Paradox, I hate you for that), and then suddenly it is 4:00 AM and you have to work/go to class in 3 hours.

Well, this happened to me with Atenea.

A teacher told us that we should aim to get 500 points, as last year students managed to get between 300 and 400.

I got 207. In one day.

That’s how addictive is the game. Or the lessons, as this is both at the same time.

To help others, I took notes on the procedures to get the flags, what websites I used, and what I was studying on each challenge, and I managed to get 207 because I couldn’t let it go.

Well, also because I had a friend playing at the same time.

Pair with a friend

This is the best you can do: Play with a friend.

When I was stuck on a challenge, my friend solved it. And when my friend was stuck on a challenge, I helped him.

We had a friendly competition trying to beat each other (in a good way, we still helped each other, no questions asked), and that pushed us further and further. Others in my class are stuck on 30-100 points after weeks, we have more than 200 points.

So, find a friend who is looking to learn more about cybersecurity, or one who just may be interested in it. Or your partner. Maybe a sibling.

Believe me, like many other things in life, it is better with more people looking…

Anyway, this talk makes me want to beat more challenges, and I only have 207 points. Time to do one challenge more.

Just…one challenge.

Resources

Atenea

Atenea: Challenges

TryHackMe

HackTheBox

OverTheWire