So, I spent a lot of my spare time here since October (the month, not the machine :P) and I have a question: is this site more about pen-testing or about CTFing?
Of course I learned a lot of new things and techniques, I had the chance to practice other things that I learned a while ago and, for sure, I also enjoined my time: some machines I've done are really cool (Calamity and Jail really rock).
But now I'm starting to realize that most of the online machine are - at least to me - really far from what I see every day in the real world. Let me say too "CTFgish". And I wonder if the time spent on them worth the knowledge learned. Let me do an examples: what I've really learned from dirbusting with that bigger wordlist that "easy" machine? Or do I really ever find creds hidden in that steg-something file on a production server?
Machines - I read in other posts the forum - are getting harder. For sure this let gurus and omniscients to fight for being the best. But how are getting harder? And are they fighting to be the best pen-tester or the best CTFger?
May be that a realworld/ctf value or ratio (evaluated when submitting a flag) would be useful to users (and site owners too) to understand what we all are doing here.