This study intend to (1) determine the suitability of the components of online learning media for network and computer security to suitability with the ethical hacking process, (2)conduct a comprehensive review of cyber security learning media. This research is a qualitative research with a grounded theory research approach. The data sources of this study include Capture The Flag websites, ethical hacking aspects and gamification aspects. Sampling techniques are carried out using application search strategies based on certain keywords in accordance with the relevance of online applications of cyber security learning media. Data analysis in this study uses qualitative data analysis, as for data analysis techniques that are adjusted to the stages in the study (Perry, Lunde, and Chen 2016). The first thing that is done is to search for research data sources using predetermined keywords. Filtering is carried out on search results so that search results are unique and duplication does not occur. Filtering is carried out to find inappropriate online applications, then removed from the list. Scoring of data that is in accordance with the ethical hacking aspects and gamification aspects. Second, the obstacle experienced in the research process is that there are several obstacles that cannot be accessed due to closed access or developers who do not update the CTF-based cyber security website so that it cannot be run. Third, the maker or owner or developer of this CTF-based cyber security website needs to consider the gamification side in the creation and preparation of this CTF-based cyber security website. This is necessary to increase the interest of participants with the presence of gamification aspects that are implemented

C. C. Palmer, “Ethical hacking,” IBM Syst. J., vol. 40, no. 3, pp. 769–780, 2001, doi: 10.1147/sj.403.0769. [2] S. Patil, A. Jangra, M. Bhale, A. Raina, and P. Kulkarni, “Ethical hacking: The need for cyber security,” IEEE Int. Conf. Power, Control. Signals Instrum. Eng. ICPCSI 2017, pp. 1602–1606, 2018, doi: 10.1109/ICPCSI.2017.8391982. [3] V. Švábenský, P. Čeleda, J. Vykopal, and S. Brišáková, “Cybersecurity knowledge and skills taught in capture the flag challenges,” Comput. Secur., vol. 102, 2021, doi: 10.1016/j.cose.2020.102154. [4] Elidjen, D. Hidayat, and E. Abdurachman, “The Roles of Gamification, Knowledge Creation, and Entrepreneurial Orientation towards Firm Performance,” Artif. Intell. Agric., 2022, doi: 10.1016/j.ijis.2022.07.002. [5] D. Dixon, E. Lawley, S. Deterding, S. Björk, and L. E. Nacke, “Designing Gamification: Creating Gameful and Playful Experiences,” Conf. Hum. Factors Comput. Syst. - Proc., vol. 2013-April, pp. 3263–3266, 2013, doi: 10.1145/2468356.2479662. [6] R. Patricio, A. C. Moreira, and F. Zurlo, “Gamification in innovation teams,” Int. J. Innov. Stud., vol. 6, pp. 156–168, 2022, doi: 10.1016/j.ijis.2022.05.003. [7] R. Perry, B. Lunde, and K. T. Chen, “An evaluation of contraception mobile applications for providers of family planning services,” Contraception, vol. 93, no. 6, pp. 539–544, 2016, doi: 10.1016/j.contraception.2016.01.005. [8] D. Ary, L. C. J. Jacobs, C. Sorensen, and A. Razavich, Introduction to Research in Education. 2010.