This is the repository of all the CTF challenges I've made / helped develop.
Message me on Discord at strellic if you have any questions.

| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| SecureStorage | web | ?? | ★★★☆☆ | xss, postMessage |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| babyrev | rev | 203 | ★☆☆☆☆ | simple rev, xor, memfrob |
| smogofwar | misc | 7 | ★★☆☆☆ | chess ai, stockfish, fog of war, sockets |
| flagbot | misc | 23 | ★★☆☆☆ | discord bot, youtube, restricted environment, traffic sniffing |
| buyme | web | 110 | ★☆☆☆☆ | unsafe destructuring |
| phpme | web | 64 | ★★☆☆☆ | php, content-type confusion, lax+post |
| readme | web | 46 | ★★☆☆☆ | unsafe js eval, js vm escape |
| blogme | web | 2 | ★★★★☆ | xss, cloudflare csp bypass, service workers |
| msgme | web | 1 | ★★★★☆ | xss, websockets, webrtc csp bypass, command chaining |
| saasme | web | 2 | ★★★★☆ | dns rebinding, protocol smuggling, chrome remote debugging protocol |
| styleme | web | 1 | ★★★★★ | chrome extension, prototype pollution, novel xs-leak |

You can find these challenges on the HackTheBox website.

| Name | Category | Solves / Blood Time | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| AnalyticalEngine | web | 1 solve at CTF end | ★★★★☆ | htb uni ctf, xss, novel dom clobbering, csp bypass |
| OOPArtDB | web | 3d, 22hr for blood | ★★★★☆ | ? (active HTB challenge) |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| noteKeeper | web | 2 | ★★★★★ | xss, JSONP, service workers, sec-fetch-dest, MediaRecorder |
| vm-calc | web | 2 | ★★★☆☆ | js trivia, vm2, CVE-2022-21824 |
| denoblog | web | 3 | ★★★★☆ | deno, ejs, nginx temp file buffering, deno sbx escape, pwn |

This was a CTF I wrote challenges for, hosted by Intigriti. I forgot to record solve counts. I cowrote these challenges with BrunoZero.

| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| DeadTube | web | many | ★☆☆☆☆ | dns rebinding, ssrf, redirect |
| contact-alex | web | 7? | ★★☆☆☆ | jwt, xss, path traversal, ssti |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| payment-pal | web | 3 | ★★★☆☆ | prototype pollution, caching, xss, history, aes |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| jsonquiz | web | 573 | ★☆☆☆☆ | baby, POST request |
| simplewaf | web | 28 | ★★☆☆☆ | WAF bypass, NodeJS source reading |
| rustshop | web | 13 | ★★★☆☆ | Rust, Axum library, deserialization |
| modernblog | web | 1 | ★★★★★ | React, CSS injection, novel DOM clobbering |
| babypwn | pwn | 114 | ★☆☆☆☆ | Rust, unsafe, printf, ret2libc |
| solidarity | pwn | 6 | ★★☆☆☆ | baby solana, account confusion, missing checks |
| sbxcalc | pwn | 11 | ★★★☆☆ | vm2, js calculator, proxy, golf |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| Crab Commodities | web | 30 | ★★★☆☆ | Rust, race condition, overflow |
| Safelist | web | 3 | ★★★★☆ | XS-leak, DOMPurify, connection pool |
| Obligatory Calc | web | 1 | ★★★★★ | XSS, postMessage, DOM clobbering, null origin sandboxing |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| the cult of 8 bit | web | ?? | ★★★★☆ | XSS, SOME, CSP, iframe allow attribute |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| recursive-csp | web | 178 | ★☆☆☆☆ | xss, PHP, CSP nonce, crc32 |
| unfinished | web | 14 | ★★★☆☆ | express, mongodb wire protocol, curl, ssrf |
| jwtjail | web | 3 | ★★★★☆ | nodejs, jail, process.binding, vm escape |
| chess.rs | pwn | 2 | ★★★★★ | rust, wasm, uaf, unsoundness, no unsafe |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| crabspace | web | 4 | ★★★★☆ | rust, xss, WebRTC, side-channel |
| leakynote | web | 3 | ★★★★☆ | xs-leaks, timing attack |
| pdf-pal | web | 2 | ★★★★★ | PDF, dns rebinding |
| baby-wallet | blockchain | 24 | ★☆☆☆☆ | solidity |
| tribunal | blockchain | 10 | ★★★☆☆ | solana, bump seed canonicalization |
| touch-grass | misc | 89 | ★★★★★ | grass, impossible |
| msfrogofwar2 | misc | 5 | ★★★☆☆ | chess, frogs |


| Name | Category | Solves | Difficulty | Keywords |
| --- | --- | --- | --- | --- |
| Golf Jail | web | 16 | ★★★☆☆ | xss, golf, WebRTC |
| Leakless Note | web | 4 | ★★★★★ | xs-leaks, timing attack, postMessage |