Nmap is a free network scanner.

[Description from the official web-site]. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

This particular Capture all flags competition was mainly focused on exploiting different web-based vulnerabilities. So, that is a really interesting, step-by-step report about all challenges and solutions presented on this event.

And, of course, here are the source codes of all challenges: Challenge me.

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Link: OSSEC

One of the iCTF vulnerable images that we can use for attacking: The Copyright Mafia