CTF Challenges
Test your skills with hands-on cybersecurity challenges
Windows Registry Analysis
Analyze Windows registry files to find evidence and the flag.
Web Archive Investigation
Use web archives to find deleted or changed content containing the flag.
Network Protocol Reverse
Reverse engineer a custom network protocol to communicate with a server.
PDF Metadata
Extract metadata from a PDF file to find the flag.
ROT13 Variant
A custom ROT cipher has been used. Find the rotation value and decrypt.
Timeline Analysis
Create a timeline of events from system logs to find when the flag was accessed.
Flight Tracking
Track a flight using public flight data to find the flag.
Anti-Debugging Techniques
Bypass anti-debugging techniques in a binary to analyze it.
Whitespace Programming
Execute a program written in the Whitespace programming language.
Race Condition Exploit
Exploit a race condition in the payment processing system to get free items.
Padding Oracle Attack
Exploit a padding oracle vulnerability in CBC mode to decrypt the flag.
File Carving
Carve files from a disk image to find hidden data and the flag.
Company Research
Research a company using public records and find hidden information.
Python Bytecode
Reverse engineer Python bytecode to recover the original source and flag.
DNS TXT Record
Find the flag hidden in a DNS TXT record.
XXE Injection
Exploit XML External Entity processing to read sensitive files from the server.
Vigenère Cipher
Decrypt a message encrypted with Vigenère cipher. The key is a common word.
Password Protected ZIP
A ZIP file is password protected. Crack the password to extract the flag.
Phone Number Lookup
Find information about a phone number and locate the flag.
Firmware Analysis
Extract and analyze firmware to find hardcoded credentials and the flag.
Polyglot File
A file that is valid in multiple formats. Extract data from each format.
SSRF Internal Network
Exploit a Server-Side Request Forgery vulnerability to access internal services.
Diffie-Hellman Key Exchange
Intercept and exploit a weak Diffie-Hellman key exchange to recover the shared secret.
Log File Analysis
Analyze server logs to find evidence of an attack and the flag.
Username Enumeration
Find all accounts associated with a username across different platforms.
Malware Analysis
Analyze a malware sample in a safe environment to understand its behavior.
Unicode Steganography
Find a message hidden using Unicode zero-width characters.
JWT Token Forgery
A JWT token is used for authentication. Can you forge a token to gain admin access?
AES ECB Mode Weakness
AES in ECB mode has been used. Exploit the weakness to decrypt the flag.
LSB Steganography
A message is hidden in an image using LSB steganography. Extract it.
Email Investigation
Investigate an email address to find associated accounts and the flag.
Android APK Analysis
Analyze an Android APK file to find hardcoded secrets and the flag.
Audio Spectrogram
Analyze an audio file's spectrogram to find a hidden message.
File Upload Bypass
Upload a malicious file to gain remote code execution on the server.
Hash Collision
Find two different messages that produce the same MD5 hash.
Memory Dump Analysis
Analyze a memory dump to find passwords and the flag.
Geolocation Challenge
Find the exact location where a photo was taken using metadata and visual clues.
Obfuscated Code
Deobfuscate JavaScript code to understand its functionality and find the flag.
Barcode Scanning
Scan a barcode to reveal the flag.
String Algorithms
Solve string manipulation problems to extract the flag.
CSRF Token Bypass
Find a way to bypass CSRF protection and perform unauthorized actions.
XOR Cipher
A message has been encrypted using XOR. Find the key and decrypt it.
Image Metadata
A flag is hidden in the metadata of an image file. Extract it.
Reverse Image Search
Use reverse image search to find the original source and the flag.
Packed Binary
Unpack and analyze a packed binary to find the flag.
Brainfuck Interpreter
Run a Brainfuck program to get the flag output.
Graph Traversal
Implement BFS or DFS to traverse a graph and find the flag.
Stored XSS Attack
A comment system is vulnerable to XSS. Inject a script to steal admin cookies.
RSA Weak Key
A weak RSA key has been used. Factor the modulus and decrypt the message.
PCAP Analysis
Analyze a network capture file to find the flag hidden in the traffic.
Domain WHOIS Investigation
Use WHOIS data to find information about a domain and locate the flag.
Simple Crackme
Reverse engineer a simple crackme program to find the correct password.
QR Code Puzzle
Scan multiple QR codes to piece together the flag.
Dynamic Programming Problem
Solve a classic dynamic programming problem to get the flag.
SQL Injection Basics
A vulnerable login form is waiting for you. Can you bypass authentication using SQL injection?
Base64 Encoded Secret
A secret message has been encoded multiple times. Decode it to find the flag.
Deleted File Recovery
A file was deleted from a disk image. Recover it to find the flag.
Social Media Sleuth
Find information about a target using only publicly available social media data.
Strings in Binary
Analyze a binary file to find readable strings and the flag.
Morse Code
Decode a Morse code message to find the flag.
Binary Search Implementation
Implement a binary search algorithm to find the flag.
The Leaky Login
A fintech startup is getting strange login attempts. Investigate the login endpoint and find the vulnerability.
Allsafe Tea Shop Investigation
A suspicious tea shop server has been compromised. Use the terminal interface to investigate the system and find all hidden flags.
Basic Encryption
Decrypt this message to find the flag. The encryption method is simple.
Array Manipulation Challenge
Solve this coding challenge related to array operations.