Capture the Flag (CTF) in compute security is an exercise in which "flags" are secretly hidden in purposefully-vulnerable programs or websites.