You can find writeups for various CTF challenges here. To keep them organized I sorted them by year and event.
Inside each event you can find all writeups that I produced.
Sometimes they are sorted into folders corresponding to the category. This happens only when the writeup is interesting, there were many tasks in that category or just a lot of writeups for that event.
I might change that in the future, I didn't want to create folders for each month because some start and end in different months. After publishing the first ones and referencing them on different platforms changing the URL was a no-go, so I stuck with that, at least for the current year to make things consistent.
This can be used as a resource on how to approach certain challenges. Most writeups are limited to a specific task so you will have to search for them yourself.
I will try to create a list of used tools below.
Interesting challenges that you should know and understand can be found in the next section. Those are the ones I liked the most and where I tried to make everything as clear as possible writing my solution down after approaching the task.
If you have any questions, suggestions or improvements feel free to collaborate using issues or pull requests.
- Syskron Security CTF - Key generator: Analyzing an unstripped binary to find a hidden secret
- Newark Academy CTF - Patches: Finding a hidden functionality and executing it
- Newark Academy CTF - Encoder: Reversing assembler with syscalls and reconstructing it in Python
- Hack.lu CTF - flagdroid: Analyzing an Android APK with apktool and jd by reconstructing Dalvik opcodes to Java
- AppSec IL CTF - GreatSuccess: Analyzing an iOS App Store Package using a React Native jsbundle
- Sunshine CTF - speedrun: Collection of 18 different challenges bypassing different security measures
- Newark Academy CTF - dROPit: Use a stack buffer overflow to inject a ROP-Chain in a binary with no stack protector using a libc leak
- Square CTF - Jimi Jam: Inject a ROP-Chain in a binary with PIE using an address leak
- Sunshine CTF - speedrun-12: Using an address leak and a format string vulnerability in a binary with PIE
- Sunshine CTF - speedrun-14: Using a ROP-Chain in a statically linked binary without PIE for a syscall to execve
- Hack.lu CTF - Confessions: Finding hidden data on open GraphQL endpoints
- Cyber Security Rumble CTF - Wheels N Whales: Dangerous usage of the default yaml.Loader for remote code execution
- AppSec IL CTF - Township Leak: Bypass access restrictions using prototype pollution on a website using a vulnerable npm package
- Newark Academy CTF - Random Number Generator: Bruteforcing the time-based seed of a PRNG in Python to predict the next values
- Ledger Donjon CTF - One Time-Based Signature: Bruteforcing the time-based seed of a math/rand in golang to restore a private key
- Ledger Donjon CTF - Secret RNG: Predicting golang math/rand by observing the output
- Square CTF - Hash My Awesome Commands: Timing attack on a bad implementation of HMAC verification
- Affinity CTF Lite - BreakMe: Prime factorization of a weak RSA key
- Affinity CTF Lite - Collision Course: md5sum collision using HashClash
- Syskron Security CTF - HID: Decode the content of a Rubber Ducky BadUSB device
- Affinity CTF Lite - Classic Forensic: Using volatility and dumpchk on a Windows Crash Dump
- radare2, a reverse engineering framework for the command line
- PEDA, a Python exploit development assistance for GDB
- Ghidra, a reverse engineering framework
- pwntools, a CTF framework and exploit development library
- apktool, a tool for reverse engineering Android apk files
- jd-gui, a decompiler for CLASS files inside JARs
- jadx, another decompiler for JAR/DEX files
- volatility, an advanced memory forensics framework
- dumpchk, a program that performs a quick analysis of a Windows crash dump file