Ghost — Linux & Shell Fundamentals
Twenty-two levels. The foundation every other track is built on — shell fluency, file system, processes, networking, encoding, permissions. Where operatives are built, not taught.
Briefing
Who this is for: anyone serious about real security work. It does not matter whether you have never opened a terminal before or whether you have been writing code for years — if you cannot move through a Linux system like it is your second home, the rest of this industry stays out of reach. Offensive security, defensive security, incident response, cloud, AI security — every single discipline demands the same basic fluency. Ghost gives it to you.
Who we are preparing: BreachLab trains the kind of security specialist that Fortune 500 companies, cloud providers, and national cyber units all compete for and cannot find — Anonymous-level in the literal sense. Ghost is step one. This is not a certificate mill. It is a forge.
Note for beginners
This game, like most other games, is organised in levels. You start at Level 0 and try to beat each level in order. Finishing a level gives you the password (and a flag) for the next level. On the platform, the page for each level tells you its points and whether you or anyone has solved it yet.
There are several things you can try when you are unsure how to continue:
- First, if you know a command, but don't know how to use it, try the manual (
man <command>) by enteringman command. For example,man lsto learn about thelscommand. - Second, if there is no manual, the command might be a shell built-in. In that case use the
helpcommand (e.g.help cd). - Also, your favorite search engine is your friend. Learn how to use it. Pick a query that teaches you something rather than one that hands you the answer.
- Lastly, if you are still stuck, you can join the community — but do not spoil levels (see rules).
You're ready to start. Begin with Level 0 using the SSH access below.
SSH Access
ssh [email protected] -p 2222[ Save your flags ]
Each level's flag is also the SSH password for the next user. The platform does not show it again. Save it the moment you find it — to a password manager, a notebook, anywhere durable. This is part of the training: real ops, you log credentials as you obtain them.
Levels
| # | Level | Points | Operatives | First Blood | Status |
|---|---|---|---|---|---|
| 0 | First Contact | 100 | 631 | @atobones | — |
| 1 | Name Game | 120 | 570 | @defstrong | — |
| 2 | In The Shadows | 140 | 538 | @defstrong | — |
| 3 | Access Denied | 160 | 497 | @defstrong | — |
| 4 | Signal in the Noise | 180 | 470 | @defstrong | — |
| 5 | The Listener | 200 | 371 | @defstrong | — |
| 6 | Ghost in the Machine | 220 | 333 | @defstrong | — |
| 7 | Lost in Translation | 240 | 324 | @defstrong | — |
| 8 | Something's Running | 260 | 300 | @defstrong | — |
| 9 | Noise Floor | 300 | 292 | @defstrong | — |
| 10 | Binary Strings | 330 | 289 | @defstrong | — |
| 11 | Wrapped Three Deep | 360 | 276 | @sml | — |
| 12 | Key Not Password | 390 | 263 | @sml | — |
| 13 | Port 30000 | 420 | 256 | @sml | — |
| 14 | TLS, Not Plaintext | 450 | 234 | @sml | — |
| 15 | Port Range | 480 | 220 | @sml | — |
| 16 | Diff | 510 | 218 | @sml | — |
| 17 | No Shell For You | 540 | 215 | @sml | — |
| 18 | Wrong User | 570 | 214 | @sml | — |
| 19 | Your First Script | 600 | 203 | @sml | — |
| 20 | Cron Discovery | 630 | 202 | @meesterbjangles | — |
| 21 | Git Archaeology | 660 | 199 | @meesterbjangles | — |
Ghost's shape draws on Bandit by OverTheWire. Credit to the OTW team for setting the template.