I recently took part in the Tevora & Immersive Labs CTF. I was surprised by the content, rather than a ‘standard’ CTF, it had a lot of focus on analysis of compromise and tasks with OSINT.
The process for submitting flags was a little different too. For most tasks, you’d have multiple questions to complete the task – it guided you through what the learning was intended to be, you couldn’t just get the root flag and complete the task.
My favourite task was the OSINT to compromise of a corporate environment because of a ‘noisy’ CISO. I also liked the emphasis on Wireshark pcap investigation with the Windows event logs.
It was fun & I learned a new trick or two! I also won.