Last update: 21.03.2021

Solved Challenges

root_me - rootme.ctf
- Bash - System 1 [video]
- sudo - weak configuration
- HTML - Source code
- IP - Time To Live
- Bluetooth - Unknown file
- TELNET - authentication
- Twitter authentication
- ETHERNET - frame
- FTP - authentication
- HTML - Source code
- HTTP - Open redirect
- HTTP - User-agent
- Weak password
- PHP - Command injection
- HTML - disabled buttons
- Javascript - Authentication
- Javascript - Source
- HTTP - Directory indexing
- Backup file
- HTTP - POST
- HTTP - Improper redirect
- File upload - Double extensions
- HTTP - Cookies
- HTTP - Headers
- HTTP - Verb tampering
- Bash - System 2
- Command & Control - level 2
- Command & Control - level 5
- Encoding - UU
- Gunnm
- Squared
- Bash - cron
- DNS - zone transfert
- LDAP - null bind
- SIP - authentication
- ELF x86 - 0 protection
- ELF x86 - Basic
- Find the cat
- Command & Control - level 3
- File upload - MIME type
- Install files
- Directory traversal
- File upload - Null byte
- SQL injection - Authentication
- Local File Inclusion
- CISCO - password
- Netfilter - common mistakes
- ICMP payload
- Hash - Message Digest 5
- Yellow dots
- PHP-eval
- We need to go deeper
- Steganomobile
- Javascript - Authentication 2
- Javascript - Obfuscation 1
- Javascript - Obfuscation 2
- Ugly Duckling
- Active Directory - GPO
- Dot and next line
- Some noise
- Twitter Secret Messages
- ELF x86 - Stack buffer overflow basic 1

metactf.com - metactf.ctf
- Flag Format
- You.ve Got a Friend In Me (and Discord)
- Crypto Stands For Cryptography
- Forensics 101
- High Security Fan Page
- Baffling Buffer 0
- Barry's Web Application
- ROT26
- Starting in 1...2...3
- Big Breaches
- MetaCTF CyberGames Feedback
- Not So Itsy Bitsy Spider
- The Last Great ZIP File
- Finding Mr. Casyn
- Ring Ring
- Hangout Spots
- Everyone Loves Good Cookie
- Vulnerability Through Customizability
- Open Thermal Exhaust Port
- Mystery C2
- Just in Time
- Publish3r
- When Sqlmaps Attack!
- Diving into the Announcement
- Complete Transparency
- Watermarked

ctflearn.com - ctflearn.ctf
- Milk's Best Friend
- POST Practice
- Git Is Good
- 07601
- BruXOR
- Lazy Game Challenge
- Reverse Polarity
- HyperStream Test #2
- Morse Code
- Vigenere Cipher
- QR Code
- Base 2 2 the 6
- QR Code v2
- WOW.... So Meta
- IP Tracer
- Wikipedia
- Hextroadinary
- Basic Injection
- Reversal of fortune
- Practice Flag
- Character Encoding
- Binwalk
- Where Can My Robot Go?
- Forensics 101
- Taking LS
- Exif
- I'm a dump
- Rubber Duck
- office flag
- Tux!
- Snowboard
- Simple Steganography
- PikesPeak
- Chalkboard

tryhackme.com - tryhackme.ctf
- Blue
- Vulnversity
- [Task 6] Check you're connected
- Bonus Challenge - The True Ending
- [Task 33] Binary - Shiba3
- [Task 21] Binary - Shiba2
- [Task 11] Binary - Shiba1
- Web Fundamentals
- Simple CTF
- OhSINT
- Introductory Researching
- Crack the hash
- Sublist3r
- Metasploit
- Web Scanning
- Shodan.io
- PS Empire
- tmux
- Inclusion
- Injection
- Geolocating Images
- Ninja Skills
- Basic Pentesting
- Lian_Yu
- Bounty Hacker
- Git Happens
- Poster
- RootMe
- c4ptur3-th3-fl4g
- Anthem
- Agent Sudo
- kiba
- LazyAdmin
- Tony the Tiger
- WebAppSec 101
- Overpass 2 - Hacked

overthewire.org - Bandit.ctf
- Level 1
- Level 2
- Level 3
- Level 4
- Level 5
- Level 6
- Level 7
- Level 8
- Level 9
- Level 10
- Level 11
- Level 12
- Level 13
- Level 14
- Level 15
- Level 16
- Level 17
- Level 18
- Level 19
- Level 20
- Level 21
- Level 22
- Level 23
- Level 24
- Level 25
- Level 26
- Level 27
- Level 28
- Level 29
- Level 30
- Level 31
- Level 32
- Level 33

overthewire.org - Krypton.ctf
- Level 0
- Level 1

overthewire.org - Natas.ctf
- Level 0
- Level 1
- Level 2
- Level 3
- Level 4
- Level 5
- Level 6
- Level 7
- Level 8
- Level 9
- Level 10

overthewire.org - Leviathan.ctf
- Level 1
- Level 2
- Level 3
- Level 4
- Level 5
- Level 6
- Level 7

bwapp - bwapp.ctf
- HTML Injection - Reflected (GET)
- HTML Injection - Reflected (POST)
- HTML Injection - Reflected (URL)
- HTML Injection - Stored (Blog)
- iFrame Injection

dvwa - dvwa.ctf
- Brute Force
- Command Injection
- CSRF
- File Inclusion
- File Upload
- SQL Injection
- Weak Session IDs
- XSS (DOM)
- XSS (Reflected)
- XSS (Stored)
- CSP Bypass
- JavaScript
- Brute Force
- Command Injection