In hacking, a wargame (or war game) is a cyber-security challenge and mind sport in which the competitors must exploit or defend a vulnerability in a system or application, and/or gain or prevent access to a computer system.[1] [2] [3]
A wargame usually involves a capture the flag logic, based on pentesting, semantic URL attacks, knowledge-based authentication, password cracking, reverse engineering of software (often JavaScript, C and assembly language), code injection, SQL injections, cross-site scripting, exploits, IP address spoofing, forensics, and other hacking techniques.[4]
Wargames are also used as a method of cyberwarfare preparedness.[5] The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) organizes an annual event, Locked Shields, which is an international live-fire cyber exercise.[6] The exercise challenges cyber security experts through real-time attacks in fictional scenarios and is used to develop skills in national IT defense strategies.
Wargames can be used to teach the basics of web attacks and web security, giving participants a better understanding of how attackers exploit security vulnerabilities. Wargames are also used as a way to "stress test" an organization's response plan and serve as a drill to identify gaps in cyber disaster preparedness.