A collection of CTF challenges — including challenges I created for local events and writeups of challenges I've solved.
Challenges I designed and built (source and intended solution included).
| Challenge | Category |
|---|---|
| dynamic function | rev |
| hide and seek | rev / malware |
| mission impossible | rev |
| password checker | rev |
| two-faces | rev |
| Challenge | Category |
|---|---|
| chall2 (Heaven's Gate, AES, ASM) | rev |
| packer | rev |
| Challenge | Category |
|---|---|
| Nono | rev |
| Challenge | Category |
|---|---|
| checker | rev |
| reality | rev |
| Challenge | Category |
|---|---|
| Ta, Jr. Skid | rev |
| Challenge | Category |
|---|---|
| PUSH window, POP nothing | rev |
| Simple Math | rev |
| Challenge | Category |
|---|---|
| The Boss Needs Help | rev |
| FlareAuthenticator | rev |
| 10000 | rev |
| Challenge | Category |
|---|---|
| C1 — Lemonade (XOR + base64 keystream) | crypto |
| C2 — Do You Think I'm Fragile | misc |
| C2 — Plato (stego + Vigenère) | stego |
| C4 — csg_ctf (HTA crackme) | rev / web |
| C5 — rawbits (EM410x RFID) | misc |
| C6 — a very old odd file (Baudot/ITA2) | misc |
| N1 — QR shares → SSE-C S3 | stego / web |
| N2 — Silent Call, Loud Message | forensics |
| N4 — Betrayer (NTLMv2 capture) | forensics |
| M1 — shut down the machine (cloud-init privesc) | cloud |
| R1 Q1 — Corrupted (fix PE) | rev |
| R2 — Packer (AES payload) | rev |
| R3 — FakeC2 (Go implant) | rev |
| R6 — Matryoshka (PHP obfuscation) | web / misc |
| S3 — appended-ZIP carve | forensics |
| Challenge | Category |
|---|---|
| simple-drm (Tauri DRM bypass) | rev |
| caps-lock (NN backdoor) | misc / ML |
| imagenalysis | web / rev |
- ACS 2025 — A Busan victory with KMA LightBlue — full writeups published on the blog.
- ACS 2024 — A silver journey in Ha Long with KMA Orange — full writeups published on the blog.