Create an Account

Already have an account? Login here

Capture The Flag Challenges

Test your cybersecurity skills with our collection of challenges across multiple domains. Find flags, hack systems, and develop your skills.

What is CTF?

Capture The Flag (CTF) is a cybersecurity competition where participants solve challenges to find flags—hidden pieces of data that prove they've completed the challenge. These competitions help develop real-world cybersecurity skills in a fun, competitive environment.

CTFs typically include challenges from various domains like cryptography, reverse engineering, web exploitation, forensics, and more. Each category tests different aspects of cybersecurity knowledge and skills.

Challenge Categories

Cryptography

Decrypt encrypted messages, break ciphers, and uncover hidden information using cryptographic techniques.

Reverse Engineering

Analyze compiled programs to understand their functionality and extract hidden flags from binary files.

Web Exploitation

Find and exploit vulnerabilities in web applications to access restricted data or functionality.

Forensics

Analyze digital artifacts, network traffic, and file metadata to uncover hidden flags and information.

Binary Exploitation

Tackle unique challenges that don't fit neatly into other categories, testing your overall problem-solving skills.

Get Started with Challenges

Your Progress

0
Challenges Solved
0
Cryptography
0
Reverse Engineering
0
Web Exploitation
0
Forensics
0
Binary Exploitation

Cryptography Challenges

Julius Would Be Proud

Easy Peasy
Unsolved

Oh, look what we have here! Another wannabe hacker who thinks they're clever by using ancient techniques. We found this message on a sticky note attached to a server. It's probably the password to the admin account. Decode it and prove how "secure" this is.

Hint: It's so easy, even a Roman emperor could crack it. Remember, only the part inside the parentheses is encoded.

Message: dedSEC(hdvb_shdvb)

Exclusive Or What?

Medium
Unsolved

Wow, someone actually thought XOR encryption was a good idea? How original. We intercepted this message from a chat room where they were discussing their "super secret" plan. The key is supposedly 'key'. Good luck figuring out what that means. You might need to XOR yourself out of this one.

Click to reveal hint
The most common byte in English text is the space character (0x20). Try XORing the ciphertext with different keys and look for the one that produces the most spaces.
Download Challenge File

Reverse Engineering Challenges

Crack Me If You Can

Easy
Unsolved

We found this suspicious binary on a compromised system. It seems to be asking for a password. Can you figure out what the correct password is and extract the flag?

Show Hint
Try using a disassembler like IDA or Ghidra to analyze the binary. Look for string comparisons or password validation routines.
Download Binary

Web Exploitation Challenges

Little Bobby Tables

Medium
Unsolved

We've discovered a login portal that seems vulnerable to SQL injection. Bypass the authentication and retrieve the flag from the database.

Show Hint
Try using a classic SQL injection payload like ' OR '1'='1 in the username field. You might need to comment out the rest of the query.
Access Web Portal

Forensics Challenges

Packet Sniffing

Medium
Unsolved

We captured this network traffic during a suspected data exfiltration attempt. Can you find what data was being exfiltrated and recover the flag?

Show Hint
Look for unusual protocols or data patterns. The flag might be hidden in DNS queries or HTTP requests.
Download PCAP File

Binary Exploitation Challenges

Hidden in Plain Sight

Easy
Unsolved

Our suspect claims this is just a normal image of a cat. We think there's something hidden in it. Can you find the secret message?

Show Hint
Try using a tool like steghide or binwalk to extract hidden data from the image. The password might be simple.
Download Image

Admin Panel

Add New Challenge

Remove Challenge

CTF Help & Resources

If you're new to Capture The Flag competitions, here are some resources to help you get started:

General Tips

  • Always read the challenge description carefully. Clues are often hidden in plain sight.
  • Start with the easier challenges to build confidence and understand the format.
  • Don't get stuck on one challenge for too long. Move on and come back later with fresh eyes.
  • Flags are always in the format dedSEC{...}. Make sure to include the entire string when submitting.

Tool Recommendations

Cryptography

CyberChef, Cryptool, Python with cryptography libraries

Reverse Engineering

Ghidra, IDA Pro, Radare2, Binary Ninja

Web Exploitation

Burp Suite, OWASP ZAP, Browser Developer Tools

Forensics

Wireshark, Autopsy, Binwalk, Steghide

Learning Resources

  • CTF Field Guide - Comprehensive guide to getting started with CTFs
  • OverTheWire - War games to practice security concepts
  • PicoCTF - Beginner-friendly CTF challenges
  • CTFtime - Schedule of upcoming CTF events