Custom CTF challenges designed to test various cybersecurity skills.
Category: Misc / Steganography
Difficulty: Medium-Hard
A multi-layered puzzle involving hidden hex blobs, XOR encoding, spectrogram analysis, Morse code, corrupted images, and AES decryption.
| View Writeup | Download Challenge |
Category: Web / GraphQL
Difficulty: Easy-Medium
Exploit GraphQL vulnerabilities to access Santa’s protected data. Features introspection discovery, authorization bypass, and batch query attacks.
| View Writeup | Download Challenge |
Category: Minecraft / Forensics / OSINT
Difficulty: Medium
A Minecraft world forensics puzzle. Recover the creator’s last logout position from NBT data, decode Base64 clues hidden in books, use bedrock pattern matching to locate the final flag stash.
| View Writeup | Download Challenge |
Category: Signal Processing / Misc
Difficulty: Hard
Decode a deep-space audio transmission hiding raster images. Detect sync pulses in a WAV file, extract scanlines, and reconstruct hidden pictures — Golden Record style.
| View Writeup | Download Challenge |
Category: Forensics
Difficulty: Medium
A corrupted PNG with a hidden 7z archive appended after the IEND chunk. Fix the signature byte, parse PNG chunks to find the trailer, swap the magic bytes, and extract the real flag.
| View Writeup | Download Challenge |
Category: Misc
Difficulty: Easy
A star-tracker calibration puzzle. Use labeled guide stars to fit a camera model with radial distortion, then invert it to map all detections back to sky coordinates. The brightest stars spell a hidden message.
| View Writeup | Download Challenge |
Category: Misc / Crypto / Forensics
Difficulty: Very Hard
Blind plate-solve 4 noisy star frames against a catalog, extract matching star IDs, derive per-frame ChaCha20-Poly1305 keys, and decrypt flag parts. AEAD authentication enforces perfect correctness.
| View Writeup | Download Challenge |
Category: OSINT
Difficulty: Medium
Three images, three fragments — each pointing to a Latvian place. Use reverse image search, identify carved faces, and trace devil folklore to pinpoint three locations with proper Latvian diacritics.
| View Writeup | Download Challenge |
Category: OSINT / GTA V
Difficulty: Easy
A GTA V geolocation challenge. Given a screenshot of Franklin standing next to a road, identify the exact in-game location using database lookups or manual map exploration.
| View Writeup | Download Challenge |
