Introduction
CTF Writeups
FireEye
1.
FlareOn 2020
❱
1.1.
fiddler
1.2.
garbage
1.3.
wednesday
1.4.
report
Hack The Box
2.
HTB Boxes
❱
2.1.
SwagShop
2.2.
Postman
2.3.
Traverxec
2.4.
OpenAdmin
2.5.
Resolute
2.6.
Sauna
2.7.
Remote
2.8.
Traceback
2.9.
Blunder
2.10.
Admirer
2.11.
Tabby
2.12.
Cascade
2.13.
Magic
2.14.
Cache
2.15.
Buff
2.16.
Fuse
2.17.
SneakyMailer
2.18.
Quick
2.19.
OpenKeys
2.20.
Worker
2.21.
Omni
2.22.
Passage
2.23.
Blackfield
2.24.
Unbalanced
2.25.
Feline
2.26.
Lame
2.27.
Legacy
2.28.
Brainfuck
2.29.
Blue
2.30.
Bashed
2.31.
Devel
2.32.
Shocker
2.33.
Optimum
2.34.
Nibbles
2.35.
Granny
2.36.
Beep
2.37.
Bastard
2.38.
Cronos
2.39.
Silo
2.40.
Nineveh
2.41.
Arctic
2.42.
Grandpa
2.43.
Sense
2.44.
SolidState
2.45.
Bounty
2.46.
Node
2.47.
Jerry
2.48.
Valentine
2.49.
Conceal
2.50.
Poison
2.51.
Sunday
2.52.
Chatterbox
2.53.
Forest
2.54.
TartarSauce
2.55.
Blocky
2.56.
Mirai
2.57.
Frolic
2.58.
Irked
2.59.
FriendZone
2.60.
Bastion
2.61.
Writeup
2.62.
Networked
2.63.
Servmon
2.64.
Popcorn
2.65.
Haircut
2.66.
Active
2.67.
SecNotes
2.68.
Jarvis
2.69.
Mango
2.70.
Doctor
2.71.
BankRobber
2.72.
Bank
3.
HTB Challenges
❱
3.1.
Crypto
❱
3.1.1.
Templed
3.1.2.
Weak RSA
3.2.
Reversing
❱
3.2.1.
Find the Easy Pass
3.3.
Forensics
❱
3.3.1.
Marshal in the Middle
3.3.2.
Illumination (Owned/Active)
3.3.3.
Took The Byte
3.3.4.
USB_Ripper
4.
HTB CTFs
❱
4.1.
Cyber Apocalypse 2021
❱
4.1.1.
Crypto Challenges
❱
4.1.1.1.
Nintendo Base64
4.1.2.
Forensics Challenges
❱
4.1.2.1.
Key Mission
4.1.3.
Reversing Challenges
❱
4.1.3.1.
Authenticator
4.1.3.2.
Passphrase
4.1.4.
Warmup
❱
4.1.4.1.
Welcome!
MetaCTF
5.
CyberGames 2021
❱
5.1.
Binary Exploitation
❱
5.1.1.
Simple Format
5.2.
Cryptography
❱
5.2.1.
A to Z
5.2.2.
Thnks fr th Pwds
5.2.3.
Wrong Way
5.2.4.
Unbreakable Encryption
5.3.
Forensics
❱
5.3.1.
Magic in the Hex
5.3.2.
My Logs Know What You Did
5.3.3.
I Just Wanna Run
5.3.4.
Sharing Files and Passwords
5.3.5.
Still Believe in Magic?
5.3.6.
Et tu, Hacker?
5.3.7.
Easy as it (TCP) Streams
5.3.8.
Pattern of Life
5.4.
Other
❱
5.4.1.
Flag Format
5.4.2.
This Ain't a Scene, It's an Encryption Race
5.4.3.
Interception 1
5.4.4.
Interception 2
5.4.5.
Interception 3
5.5.
Reconnaissance
❱
5.5.1.
Sugar, We're Goin Up
5.5.2.
The Best Laid Plans...
5.5.3.
Who Broke The Printer This Time?
5.5.4.
Who owns the cloud?
5.5.5.
Where in the World?
5.5.6.
The Searcher
5.5.7.
I want my files back!
5.5.8.
Mystery C2 Server
5.5.9.
Where's Vedder
5.6.
Reverse Engineering
❱
5.6.1.
Strings
5.6.2.
Source Code Shipping
5.7.
Web Exploitation
❱
5.7.1.
Under Inspection
5.7.2.
Yummy Vegetables
Offensive Security
6.
PG: Practice
7.
PG: Play
SANS
8.
KringleCon 2020
❱
8.1.
1F: Staging
❱
8.1.1.
Objective 1
8.2.
1F: Castle Approach
❱
8.2.1.
Task: Unescape Tmux
8.2.2.
Task: KringleCon Kiosk
8.2.3.
Objective 2
8.3.
1F: Entry
❱
8.3.1.
Objective 4
8.3.2.
Objective 5
8.4.
1F: Great Room
8.5.
1F: Kitchen
❱
8.5.1.
Task: 33.6kbps
8.5.2.
Task: Redis Bughunt
8.6.
1F: Dining Room
❱
8.6.1.
Task: The ELF Code
8.7.
1F: Courtyard
❱
8.7.1.
Task: Linux Primer
8.7.2.
Objective 3
8.8.
1.5F: Workshop
❱
8.8.1.
Task: Sort-O-Matic
8.9.
1.5F: Wrapping Room
8.10.
2F: Talks Lobby
❱
8.10.1.
Task: Speaker UNPrep
8.11.
2F: Speaker UNPrepardness Room
❱
8.11.1.
Terminal: Snowball Game
9.
Hackfest 2021
❱
9.1.
Router Pwn
9.2.
NFT Baby
9.3.
Teenage Mutant Ninja Squirtle
9.4.
Printer
9.5.
One Shots
9.6.
Cat Hacked
9.7.
SkyDash
9.8.
Taskist-Pro
9.9.
Ransom Inc
10.
KringleCon 2021
❱
10.1.
Booths
10.2.
Talks
10.3.
Objectives
❱
10.3.1.
KringleCon Orientation
10.3.2.
Where In The World Is Caramel Santaigo?
10.3.3.
Thaw Frost Towers Entrance
10.3.4.
Slot Machine Investigation
10.3.5.
Strange USB Device
10.3.6.
Shellcode Primer
10.3.7.
Printer Exploitation
10.3.8.
Kerberoasting On An Open Fire
10.3.9.
Splunk
10.3.10.
Now Hiring
10.3.11.
Customer Complaint Analysis
10.3.12.
Frost Tower Website Checkup
10.3.13.
FPGA Programming
10.4.
Terminals
❱
10.4.1.
Open The Gate
10.4.2.
Document Analysis
10.4.3.
Grepping for Gold
10.4.4.
Logic Munchers
10.4.5.
IPv6 Sandbox
10.4.6.
HoHo No
10.4.7.
Yara Analysis
10.4.8.
IMDS Exploration
10.4.9.
ELF Code Python
10.4.10.
Strace Ltrace Retrace
10.4.11.
Frostavator
10.4.12.
Holiday Hero
11.
KringleCon 2022
❱
11.1.
Areas
❱
11.1.1.
Staging
11.1.2.
North Pole
11.1.3.
Underground
11.1.4.
Hall of Talks
11.1.5.
Tolkien Ring
11.1.6.
Elfen Ring
11.1.7.
Elf House
11.1.8.
Web Ring
11.1.9.
Fountain
11.1.10.
Cloud Ring
11.1.11.
Burning Ring of Fire
11.1.12.
Entry Room
11.2.
Terminals
❱
11.2.1.
Wireshark Phising
11.2.2.
Windows Event Logs
11.2.3.
Suricata Regatta
11.2.4.
Clone with a Difference
11.2.5.
Prison Escape
11.2.6.
Jolly CI/CD
11.2.7.
Naughty IP
11.2.8.
Credential Mining
11.2.9.
404 FTW
11.2.10.
IMDS, XXE, and Other Abbreviations
11.2.11.
Open Boria Mine Door
11.2.12.
Glamtariel's Fountain
11.2.13.
AWS CLI Intro
11.2.14.
Trufflehog Search
11.2.15.
Exploitation via AWS CLI
11.2.16.
Buy a Hat
11.2.17.
Blockchain Divination
11.2.18.
Exploit a Smart Contract
12.
KringleCon 2023
❱
12.1.
Christmas Island
13.
Offensive Operations CTF 2024
❱
13.1.
Baby Rop
13.2.
Bad Fish
13.3.
Duck Hunter
13.4.
Ghibli Store
13.5.
Hippity Hoppity
13.6.
In Between the Lines
13.7.
JavaScript
13.8.
Taskist
13.9.
Warmup Pwn
Reference Notes
14.
General
❱
14.1.
General Notes
14.2.
OSINT
14.3.
Target Enumeration
14.4.
File Transfers
14.5.
Windows CLI
14.6.
Port Forwarding
14.7.
Compiling Code
14.8.
Hashes & Passwords
14.9.
Helpful Python Methods
15.
Shells
❱
15.1.
Upgrading Shells
15.2.
Embedding Shells
15.3.
One-Liners
15.4.
Web Shells
15.5.
MSF Venom
15.6.
AV Evasion
15.7.
Meterpreter
16.
Kernel Exploits
❱
16.1.
MS17-010
16.2.
Juicy Potato
16.3.
Equation Group Leaks
17.
Network Services
❱
17.1.
Apple Remote Desktop
17.2.
HTTP
17.3.
Java (JVM)
17.4.
Kerberos
17.5.
LDAP
17.6.
Redis
17.7.
RDP
17.8.
RPC
17.9.
rsync
17.10.
SCCM Remote Control
17.11.
SQL
17.12.
SSH
17.13.
Telnet
17.14.
VNC
17.15.
WinRM
17.16.
WMI
17.17.
Xorg
18.
Client-Side Attacks
❱
18.1.
MS Office
18.2.
PS Download Cradles
18.3.
PS Shell Scripts
18.4.
HTML Smuggling
18.5.
Windows Script Host
18.6.
C# Shellcode
19.
Privilege Escalation
❱
19.1.
Linux
19.2.
Windows
20.
Post-Exploitation
❱
20.1.
Windows
21.
Active Directory
❱
21.1.
General Notes
21.2.
BloodHound Queries
22.
Exploit Development
❱
22.1.
Using WinDbg
Light
Rust
Coal
Navy
Ayu (default)
Cyber Security Notebook
Task: Sort-O-Matic
Instructions
