CTF (Capture The Flag) is a type of information security competition that challenges contestants to find solutions or complete various tasks.

Related tags

Learning resource cryptography reverse-engineering hacking forensics ctf binary-exploitation writeups exploitation web-exploitation picoctf-writeups
Overview

WHAT IS CTF?

CTF (Capture The Flag) is a type of information security competition that challenges contestants to find solutions or complete various tasks. These tasks range from hunting for information from Wikipedia or the internet to basic programming exercises to intermediates aimed at hacking your way into a server to retrieve data. In general, contestants will be asked to find certain text that has been hidden behind web pages, servers or in images. This text is usually referred to as the flag. Like many other competitions, the skill level or difficulty for CTF varies greatly between events. Some of the competitions are targeted at professionals with experience operating in cybersecurity teams, and some are targeted at students who are new to cybersecurity in order to hone their skills and increase their knowledge. For students, the prizes given are usually financial support for education for those who succeed in becoming champions in competitions, then for professionals, usually large cash prizes.

TYPES OF CTF (in summary)

According to CTF-time, CTF is divided into various types. In summary, the jeopardy style CTF provides a list of challenges and reward points for individuals or teams who successfully complete or find a challenge solution, then the group with the most points wins. Next, there is attack/defense style CTF, this type of CTF focuses on attacking the opponent's server and defending your own server. Usually this type of CTF is intended for those who are very experienced in the world of cybersecurity and this type of CTF is carried out in a specific physical location.

JEOPARDY CHALLENGES

CATEGORY ABOUT
Web Exploitation Usually Involves SQL Injection, Command Injection, Directory Traversal, XSS, Server Side Request Forgery, and Cross Site Request Forgery
Cryptography XOR, Caesar Cipher, RSA, Stream Ciphers, Vigenere Cipher, Hashing Functions, Block Ciphers, Substitution Cipher.
Binary Exploitation Common topics addressed by Binary Exploitation are Registers, The Stack, Buffers, Global Offset Table, Calling Conventions, Return Oriented Programming, Binary Security, The Heap, Format String Vulnerability.
Reverse Engineering Usually involves Assembly, C , Disassemblers, and Decompilers.
Forensics Forensics is a way to recover data left on a computer. there are tons of methods out there to find deleted, unsaved, or worse, secretly recorded data. An important part of Forensics is having the right tools and being familiar with file formats , EXIF data, WireShark, Steganography , and Disk Imaging.

FUN-FACT

1. CTF can be played as an individual or in a team.
2. It is known that many challenges do not require programming knowledge and only 
rely on problem solving skills and creative thinking.

picoCTF's Solution

No. Problems Category Website Year Points Result
1. Obedient Cat General Skills picoCTF 2021 5 SOLVED
2. Mod 26 Cryptography picoCTF 2021 10 SOLVED
3. Wave a flag General Skills picoCTF 2021 10 SOLVED
4. Nice netcat... General Skills picoCTF 2021 15 SOLVED
5. Python Wrangling General Skills picoCTF 2021 10 SOLVED
6. Information Forensics picoCTF 2021 10 SOLVED
7. GET aHEAD Web Exploitation picoCTF 2021 20 SOLVED
8. Insp3ct0r Web Exploitation picoCTF 2019 50 SOLVED
9. where are the robots Web Exploitation picoCTF 2019 100 SOLVED
10. Secrets Web Exploitation picoCTF 2022 200 SOLVED
11. Local Authority Web Exploitation picoCTF 2022 100 SOLVED
12. Roboto Sans Web Exploitation picoCTF 2022 200 SOLVED
13. Search Source Web Exploitation picoCTF 2022 100 SOLVED
14. Includes Web Exploitation picoCTF 2022 100 SOLVED
15. Inspect HTML Web Exploitation picoCTF 2022 100 SOLVED
16. morse-code Cryptography picoCTF 2022 100 SOLVED
17. unpackme.py Reverse Engineering picoCTF 2022 100 SOLVED
18. Power Cookie Web Exploitation picoCTF 2022 200 SOLVED
19. don't-use-client-side Web Exploitation picoCTF 2019 100 SOLVED
20. picobrowser Web Exploitation picoCTF 2019 200 SOLVED
21. logon Web Exploitation picoCTF 2019 100 SOLVED
22. Client-side-again Web Exploitation picoCTF 2019 200 SOLVED
23. Irish-Name-Repo 1 Web Exploitation picoCTF 2019 300 SOLVED
23. Irish-Name-Repo 2 Web Exploitation picoCTF 2019 350 SOLVED
24. Basic-mod1 Cryptography picoCTF 2022 100 SOLVED
25. 13 Cryptography picoCTF 2019 100 SOLVED
26. Basic-mod2 Cryptography picoCTF 2022 100 SOLVED
27. file-run1 Reverse Engineering picoCTF 2022 100 SOLVED
28. Cookies Web Exploitation picoCTF 2021 40 SOLVED
28. credstuff Cryptography picoCTF 2022 100 SOLVED
29. Vigenere Cryptography picoCTF 2022 100 SOLVED
29. rail-fence Cryptography picoCTF 2022 100 SOLVED
30. substitution0 Cryptography picoCTF 2022 100 SOLVED
31. buffer overflow 0 Binary Exploitation picoCTF 2022 100 SOLVED
32. Packets Primer Forensics picoCTF 2022 100 SOLVED
33. St3g0 Forensics picoCTF 2022 300 SOLVED
34. Transformation Reverse Engineering picoCTF 2022 20 SOLVED
35. Enhance! Forensics picoCTF 2022 100 SOLVED
36. Eavesdrop Forensics picoCTF 2022 300 SOLVED
37. Sleuthkit Intro Forensics picoCTF 2022 100 SOLVED
38. Lookey here Forensics picoCTF 2022 100 SOLVED
39. Redaction gone wrong Forensics picoCTF 2022 100 SOLVED
40. file-run2 Reverse Engineering picoCTF 2022 100 SOLVED
41. patchme.py Reverse Engineering picoCTF 2022 100 SOLVED
42. substitution1 Cryptography picoCTF 2022 100 SOLVED
43. substitution2 Cryptography picoCTF 2022 100 SOLVED
44. SQL Direct Web Exploitation picoCTF 2022 200 SOLVED
45. SQLiLite Web Exploitation picoCTF 2022 300 SOLVED
46. basic-file-exploit Binary Exploitation picoCTF 2022 100 SOLVED
47. Safe Opener Reverse Engineering picoCTF 2022 100 SOLVED
48. Bloat.py Reverse Engineering picoCTF 2022 200 SOLVED
49. Forbidden Paths Web Exploitation picoCTF 2022 200 SOLVED
50. Web Gauntlet 2 Web Exploitation picoCTF 2021 170 SOLVED
51. Web Gauntlet Web Exploitation picoCTF 2020 Mini 200 SOLVED
52. Fresh Java Reverse Engineering picoCTF 2022 200 SOLVED
53. unpackme Reverse Engineering picoCTF 2022 300 UNSOLVED
54. Some Assembly Required 1 Web Exploitation picoCTF 2021 70 SOLVED
55. Some Assembly Required 2 Web Exploitation picoCTF 2021 110 SOLVED
56. Some Assembly Required 3 Web Exploitation picoCTF 2021 160 UNSOLVED
57. jaWT Scratchpad Web Exploitation picoCTF 2019 400 SOLVED

MEET THE TEAM MEMBERS

BAY'S LOGO

CLICK THE BUTTON BELOW TO VIEW!

BAY - CTF DIVISION
USERNAME HELD STREAM Profession(s)
jon-brandy Web-Exploitation - Forensics College Student - Researcher
Q Web-Exploitation - Cryptography College Student - Designer
RioFerdinand25 Forensics College Student
Antonyous10 Cryptography College Student
PlasmaRing Reverse-Engineering - Cryptography College Student - Entrepreneur
stephanchandra Binary Exploitation College Student - Mentor

LEARNING REFERENCES

https://github.com/apsdehal/awesome-ctf/blob/master/README.md
https://int0x33.medium.com/day-18-essential-ctf-tools-1f9af1552214
https://ctftime.org/ctf-wtf/
https://cryptokait.com/2020/09/02/taking-password-cracking-to-the-next-level/
https://wiki.skullsecurity.org/index.php/Passwords#Password_dictionaries
https://askubuntu.com/questions/866596/you-do-not-have-permission-to-extract-to-this-folder
https://jwt.io/introduction
You might also like...

Example Breakout games using small libraries/engines/templates for the js13kGames competition.

Example Breakout games using small libraries/engines/templates for the js13kGames competition.

js13kBreakouts We implemented the same breakout style game with small libraries/engines/templates for the js13kGames competition! Live Demos LittleJS

Sep 17, 2022

A to-do list app is a productivity tool designed to help users to create and maintain lists of tasks that they need to complete and it allows user to edit their tasks even after the task is saved. Built with CSS, HTML, and JAVASCRIPT.

Tumaini Maganiko 📗 Table of Contents 📗 Table of Contents 📖 To Do List PROJECT 🛠 Built With Tech Stack Key Features 🚀 Live Demo 💻 Getting Started

May 9, 2023

HITB SECCONF EDU CTF 2021. Developed with ❤️ by Hackerdom team and HITB.

HITB SECCONF EDU CTF 2021. Developed with ❤️ by Hackerdom team and HITB.

HITB SECCCONF EDU CTF 2021 SECCONF EDU CTF is an online international challenge in information security. Developed by Hackerdom team for HITB SECCONF

Sep 3, 2022

Plateforme de CTF pour étudiants d'Epitech

Plateforme_CTF Plateforme de CTF pour étudiants d'Epitech (les challenges ne sont pas présents sur ce répo, celui-ci nous sert simplement en tant que

Mar 11, 2022

A to do list where you can add tasks, mark completed tasks and clear all completed tasks.

A to do list where you can add tasks, mark completed tasks and clear all completed tasks.

To Do List A to do list where you can add tasks, mark completed tasks and clear all completed tasks. You can rearrange the order of the tasks by doubl

Mar 4, 2022

This project entails a To-do-List whereby a user can input the tasks they want to do, check the tasks done and also clear all tasks when all of them are completed. It is efficient for a user who want to manage their time and keep track of their day.

This project entails a To-do-List whereby a user can input the tasks they want to do, check the tasks done and also clear all tasks when all of them are completed. It is efficient for a user who want to manage their time and keep track of their day.

Screenshot Here is a screenshot for the project. To-Do-List Project This is a Microverse project that entails a to-do-list which one is able to add an

Jun 16, 2022

To Do list is a small but useful project to make list app , you can add tasks delete tasks and modify tasks, the project built using HTML, CSS, JavaScript

Project Name The To-Do-List app description this is a project in the second week of the second module in microverse. its a useful to do list that save

Jul 25, 2022

A simple to do list app built with HTML, CSS and JavaScript. Users can add daily tasks, edit the tasks, delete the tasks when it's done

To Do List This is a website that allows users to manage the tasks. users can add every task to do and when the task is done users can delete the task

Jul 21, 2022

A script for defending the Canadian flag on r/place 2022

ca-place-script A script for defending the Canadian flag on r/place 2022. This script will automate your tile placements to defend the grey outline an

Apr 4, 2022
Owner
Nicolas Saputra Gunawan
Student at Bina Nusantara University and majoring Cyber Security. Loves many things about cyber and enjoy build web apps.
Nicolas Saputra Gunawan
GitHub
A todo-list app designed to help users manage their tasks. Users can create a task, read tasks, update tasks, delete task, check completed tasks and delete all checked tasks. Also contains basic tests. Built with WebPack,, Modular JavaScript, Jest Libary and LocalStorage.

todolist This project is created to understand the use of ES6 with Webpack Built With HTML, CSS and Javascript. Webpack. Live Demo (if available) http

Shotola Ololade 3 Oct 13, 2022
It is a simple yet powerful to do list app in which you can add daily to-do tasks.you can edit, remove, check it to change its status to complete or not complete. it would save all the data and changes in local storage and track your daily tasks whether you have completed them or not.Built with vanilla JavaScript

To Do list - minimalist It is a simple yet powerful to do list app in which you can add daily to-do tasks. it would save all the data and changes in l

Zuhaib Amjad 5 Oct 9, 2022
The to-do list project is an app that allows users to successfully organize their day by inputting prioritized tasks. The project also allows users to carry out the CRUD operations for (add, edit and delete). Two special features of the app are that it saves tasks in the local storage of the user's browser, so when the user reloads or revisits the app, the user can view a list of tasks formerly inputted, and it allows users to prioritize their tasks by dragging up and down the list section.

TO-DO-LIST This is a To Do List Project that dynamically displays tasks to be done with interactions for removing and adding task when completed or no

Francis Ugorji 9 Nov 1, 2021
This is a To-Do List. It shows a minimalist design with the next features: Add new tasks, edit tasks, markup completed tasks, and erase all completed tasks. Built with JavaScript.

Project Name To Do List Built With HTML CSS JavaScript Live Demo To do List Live Demo Link Getting Started This is a To Do List. It shows a minimalist

Santiago Cárdenas 6 Jun 9, 2022
A simple JS To Do List bundled using Webpack. You can add new tasks, edit existing tasks, check completed tasks, and delete tasks from the list. It is built mainly with Javascript.

To-Do-List A simple HTML list of To Do built using webpack and served by a webpack dev server. Live Link See Demo Built With HTML, CSS, Javascript To

Michael Ugochukwu 3 May 10, 2022
LunaSec - Open Source Security Software built by Security Engineers. Scan your dependencies for Log4Shell, or add Data Tokenization to prevent data leaks. Try our live Tokenizer demo: https://app.lunasec.dev

Our Software We're a team of Security Engineers on a mission to make awesome Open Source Application Security tooling. It all lives in this repo. Here

LunaSec 1.2k Jan 7, 2023
A fast and powerful http toolkit that take a list of domains to find active domains and other information such as status-code, title, response-time , server, content-type and many other

HTTPFY curently in beta so you may see problems. Please open a Issue on GitHub and report them! A Incredible fast and Powerful HTTP toolkit Report Bug

DevXprite 44 Dec 22, 2022
Examples and challenges of my video about Creating and testing a complete Node.js Rest API (Without frameworks)

Building a complete Node.js WebApi + testing with no frameworks Welcome, this repo is part of my youtube video about Creating and testing a complete N

Erick Wendel 120 Dec 23, 2022
A health-focused app for users to be able to track workouts and nutritional data with a social media component to inspire friendly competition among the users.

A health-focused app for users to be able to track workouts and nutritional data with a social media component to inspire friendly competition among the users.

Jon Jackson 3 Aug 26, 2022
Using Open Banking Data to Maximize Mortgage Savings. CSESoc X Pearler Competition Winner.

Mortgage Manager Overview Mortgage Manager is an open-source online home-loan comparison tool using product data from the Consumer Data Standards Bank

Luke Prior 17 Oct 11, 2022