This repository is an open resource for anyone looking to improve their cybersecurity skills. It features a comprehensive collection of writeups from various platforms, including CTF competitions, popular training platforms like HackTheBox (HTB) and TryHackMe (THM), and Blue Team Training platforms like CyberDefender and Blue Team Lab Online (BTLO).
The writeups provide a wealth of knowledge, from detailed walkthroughs to expert tips, making it an excellent resource for both beginners and experienced professionals. Whether you're interested in learning more about cybersecurity or staying up-to-date with the latest trends, this repository has something for everyone. Overall, this repository is a valuable tool for anyone looking to master the art of cybersecurity.
Based on my experience, there are 5 main categories in CTF Competitions, which mean in any CTF these category would likely appear as the challenge, and those are:
| Cateogry | Explanation |
|---|---|
| Cryptography | mainly deal with encoding, encryption, hashing, ciphers, and many algorithms. |
| Forensic | Usually based on real-world scenarios and can include file format analysis, steganography, memory dump analysis, or network packet capture analysis. Sometimes it also includes Malware Analysis or post-attack scenarios. |
| Binary Exploitation | Exploit bugs or vulnerabilities to cause unintended or unexpected behavior in stack, heap, kernel or even web |
| Reverse Engineering | Just like its name, you'll work around a compiled program and try to reverse it, the compiled program can be anything from a c, java, go-lang and many more. |
| Web Exploitation | Exploit vulnerabilities in web-based applications to gain access to sensitive data or control over the app, usually involves SQL Injection, Cross-site Scripting, IDOR, Local File Inclusion, etc. |
However there are also some categories that not every CTF offers, due to their rare appearance, you might be surprised if you happen to come across one of these categories,
| Cateogry | Explanation |
|---|---|
| Blockchain | Working around smart contract challenges sounds fun doesn't it, it can even combine some categories like, Reverse Engineering, Forensic and sometimes Binary Exploitation. The Challenges can be anything from Contract analysis, log analysis, exploiting and reversing smart contracts, or just simply searching addresses. |
| DFIR | DFIR stands for Digital Forensics and Incident Response, as you already guessed, this category offers you a similar challenge you get from Forensics, the difference I noticed is DFIR CTF Challenge usually works around SIEMS (Security information and event management) log analysis. |
| OSINT | Open Soure Intelligence(OSINT) is a very fine addition to the main categories in my opinion, we just need to do some research and we got the answer. |
| Hardware | This category is also new for me, I've only encountered a challenge, where the flag is hidden in PCE-like images. |
| Name | Date |
|---|---|
| NCW | |
| IFEST | |
| BeeFEST | |
| PicoCTF Spring |
| Name | Date |
|---|---|
| JerseyCTF | 15 April - 16 April 2023 |
| ångstromCTF | 21 April - 26 April 2023 |
| FindIT | 14 May 2023 |
| TechnoFairCTF | 9 July & 15 July 2023 |
| HackToday | 26 August 2023 |
| COMPFEST15 | 2 September 2023 |
| IntechFest | 9 - 10 September 2023 |
| Gemastik XVI | 30 July & 13-15 September 2023 |
| BPJS Hackathon | 1, 10, 23 September 2023 |
| Slashroot | 30 September 2023 |
| Hology6 | 8 October 2023 |
| Blackhat MEA Qual | 8 - 9 October 2023 |