Last update: 12.01.2021

Solved Challenges

root_me - rootme.ctf
- Bash - System 1 [video]
- sudo - weak configuration
- HTML - Source code
- IP - Time To Live
- Bluetooth - Unknown file
- TELNET - authentication
- Twitter authentication
- ETHERNET - frame
- FTP - authentication
- HTML - Source code
- HTTP - Open redirect
- HTTP - User-agent
- Weak password
- PHP - Command injection
- HTML - disabled buttons
- Javascript - Authentication
- Javascript - Source
- HTTP - Directory indexing
- Backup file
- HTTP - POST
- HTTP - Improper redirect
- File upload - Double extensions
- HTTP - Cookies
- HTTP - Headers
- HTTP - Verb tampering
- Bash - System 2
- Command & Control - level 2
- Command & Control - level 5
- Encoding - UU
- Gunnm
- Squared
- Bash - cron
- DNS - zone transfert
- LDAP - null bind
- SIP - authentication
- ELF x86 - 0 protection
- ELF x86 - Basic
- Find the cat
- Command & Control - level 3
- File upload - MIME type
- Install files
- Directory traversal
- File upload - Null byte
- SQL injection - Authentication
- Local File Inclusion
- CISCO - password
- Netfilter - common mistakes
- ICMP payload
- Hash - Message Digest 5
- Yellow dots
- PHP-eval
- We need to go deeper
- Steganomobile
- Javascript - Authentication 2
- Javascript - Obfuscation 1
- Javascript - Obfuscation 2
- Ugly Duckling
- Active Directory - GPO
- Dot and next line
- Some noise
- Twitter Secret Messages
- ELF x86 - Stack buffer overflow basic 1

ctflearn.com - ctflearn.ctf
- Milk's Best Friend
- POST Practice
- Git Is Good
- 07601
- BruXOR
- Lazy Game Challenge
- Reverse Polarity
- HyperStream Test #2
- Morse Code
- Vigenere Cipher
- QR Code
- Base 2 2 the 6
- QR Code v2
- WOW.... So Meta
- IP Tracer
- Wikipedia
- Hextroadinary
- Basic Injection
- Reversal of fortune
- Practice Flag
- Character Encoding
- Binwalk
- Where Can My Robot Go?
- Forensics 101
- Taking LS
- Exif
- I'm a dump
- Rubber Duck
- office flag
- Tux!
- Snowboard
- Simple Steganography
- PikesPeak
- Chalkboard

tryhackme.com - tryhackme.ctf
- Blue
- Vulnversity
- [Task 6] Check you're connected
- Bonus Challenge - The True Ending
- [Task 33] Binary - Shiba3
- [Task 21] Binary - Shiba2
- [Task 11] Binary - Shiba1
- Web Fundamentals
- Simple CTF
- OhSINT
- Introductory Researching
- Crack the hash
- Sublist3r
- Metasploit
- Web Scanning
- Shodan.io
- PS Empire
- tmux
- Inclusion
- Injection
- Geolocating Images
- Ninja Skills
- Basic Pentesting
- Lian_Yu
- Bounty Hacker
- Git Happens
- Poster
- RootMe
- c4ptur3-th3-fl4g
- Anthem
- Agent Sudo
- kiba
- LazyAdmin
- Tony the Tiger
- WebAppSec 101
- Overpass 2 - Hacked

overthewire.org - Bandit.ctf
- Level 1
- Level 2
- Level 3
- Level 4
- Level 5
- Level 6
- Level 7
- Level 8
- Level 9
- Level 10
- Level 11
- Level 12
- Level 13
- Level 14
- Level 15
- Level 16
- Level 17
- Level 18
- Level 19
- Level 20
- Level 21
- Level 22
- Level 23
- Level 24
- Level 25
- Level 26
- Level 27
- Level 28
- Level 29
- Level 30
- Level 31
- Level 32
- Level 33

overthewire.org - Krypton.ctf
- Level 0
- Level 1

overthewire.org - Natas.ctf
- Level 0
- Level 1
- Level 2
- Level 3
- Level 4
- Level 5
- Level 6
- Level 7
- Level 8
- Level 9
- Level 10

overthewire.org - Leviathan.ctf
- Level 1
- Level 2
- Level 3
- Level 4
- Level 5
- Level 6
- Level 7

bwapp - bwapp.ctf
- HTML Injection - Reflected (GET)
- HTML Injection - Reflected (POST)
- HTML Injection - Reflected (URL)
- HTML Injection - Stored (Blog)
- iFrame Injection

dvwa - dvwa.ctf
- Brute Force
- Command Injection
- CSRF
- File Inclusion
- File Upload
- SQL Injection
- Weak Session IDs
- XSS (DOM)
- XSS (Reflected)
- XSS (Stored)
- CSP Bypass
- JavaScript
- Brute Force
- Command Injection