Challenges

Clear
All 138 Web 14 Pwn 11 Crypto 11 Forensics 11 Rev 10 Misc 11 OSINT 10 network 11 Mobile 14 Cloud 14 web3 12 Linux 9
Misc Easy

Exposed Git Repository

A website accidentally exposed its .git directory. Can you download it and find the flag hidden in the commit history?

200 pts
7 solves 🩸
Misc Easy

Git Blame — Secret in History

A public GitHub repository (provided as a .bundle file) contains a web application. A developer accidentally committed AWS credentials and a flag in a .env file, then immediately deleted them in the next commit. Recover the deleted content from git history.

150 pts
Misc Easy

Layer Cake

Multi-layered encoding: ROT13 → Base32 → Base64 → Flag. Peel each layer.

100 pts
5 solves 🩸
Misc Easy

Misconfigured S3 Bucket

A company left their S3 bucket publicly accessible. The bucket name follows a predictable pattern. Can you find it and access the sensitive files? Bucket naming pattern: company-[environment]-[year]-backups Company: acmecorp Environments: dev, staging, prod Years: 2024, 2025

100 pts
8 solves 🩸
Misc Easy

QR Quest

Flag hidden in QR code PNG metadata. Either scan a proper QR (generate with generate_qr.py) or extract from tEXt chunk.

200 pts
5 solves 🩸
Misc Medium

Polyglot File

A file named 'mystery' is provided. It is simultaneously a valid ZIP file AND a valid PDF file AND a valid PNG file — a polyglot. Each format hides a fragment of the flag. Parse all three formats from the same file bytes and combine the three fragments to form the complete flag.

250 pts
Misc Medium

Radio Silence (Morse)

Morse code encoded message. Decode to find the flag. Special markers: { = .-.-.- } = -.-.-- _ = ..--.-

300 pts
3 solves 🩸
Misc Hard

Audio Steganography — SSTV

A WAV audio file contains a hidden image transmitted using Slow-Scan Television (SSTV) encoding in the Robot36 format. Decode the audio to reveal an image containing the flag. This is a real radio technique used by satellites and shortwave stations.

450 pts
2 solves 🩸
Misc Hard

Brainfuck Jail Escape

A 'safe' code execution sandbox only accepts Brainfuck input — no Python, no bash, no C. But the Brainfuck interpreter itself is a Python script that uses eval() to compute cell indices. Inject Python code through a crafted cell index expression to read /flag and print it.

400 pts
1 solve 🩸
Misc Hard

Maze Runner

Navigate a 15x15 maze in under 100 moves. Scripting is recommended to solve the maze algorithmically.

400 pts
6 solves 🩸
Misc Insane

Grand Finale Chain

Multi-step challenge: find hidden message in WAV metadata → base64 decode → reveals the flag.

500 pts
4 solves 🩸