Challenges

network Easy

DNS Exfiltration

A DNS TXT record contains exfiltrated flag data. Analyze the PCAP to extract it.

100 pts
4 solves 🩸
network Easy

Insecure FTP Login

A user logged into an FTP server. Analyze the network traffic to extract the username and password. The flag is in the format: aSEC{password}

100 pts
9 solves 🩸
network Easy

TLS Certificate Inspection

A PCAP file contains a TLS 1.2 handshake. The server's certificate has a custom Subject Alternative Name (SAN) extension containing a base64-encoded flag. Extract the certificate from the handshake bytes, decode the SAN extension, and retrieve the flag — no need to decrypt the TLS traffic.

150 pts
network Medium

ARP Spoofing Detection

A PCAP file captures a LAN segment during an attack. An attacker performed ARP spoofing to become the MITM between two hosts. Identify the attacker's MAC address and the two victim IPs, then find the HTTP credentials captured mid-stream in the TCP reassembly. The credentials are the flag.

250 pts
network Medium

DNS Data Exfiltration

An attacker exfiltrated sensitive data using DNS queries. Analyze the packet capture to extract the hidden message and find the flag.

200 pts
8 solves 🩸
network Medium

Hidden Service

Port scan captured. Find the one open port, follow its TCP stream, and extract the flag from HTTP response headers.

250 pts
4 solves 🩸
network Medium

IPv6 Neighbor Discovery Recon

A PCAP from an IPv6-enabled corporate LAN shows ICMPv6 Neighbor Discovery traffic. An attacker sent Router Advertisement (RA) flooding to redirect traffic. Find the rogue RA source and decode its Prefix Information option; the hidden flag is encoded as a crafted IPv6 prefix in the RA packet.

300 pts
network Hard

BGP Hijack Analysis

A BGP UPDATE PCAP shows a route injection attack. An adversarial AS announced a more-specific /24 prefix to hijack traffic destined for a /16. Find the hijacking ASN, the hijacked prefix, and decode the flag hidden in the BGP COMMUNITY attribute of the malicious UPDATE message.

450 pts
network Hard

Custom Protocol

Reverse engineer a binary network protocol. Craft valid AUTH and GET_FLAG packets to retrieve the flag.

400 pts
3 solves 🩸
network Hard

WiFi Cracking

WPA2-PSK handshake challenge. The password is a dictionary word + year. Crack with hashcat or aircrack-ng.

300 pts
3 solves 🩸
network Insane

Encrypted C2

C2 traffic with XOR-encrypted payload. Use the session key to decrypt the exfiltrated flag.

500 pts
3 solves 🩸