CIA
Initializing Cyber Invasion
Home Shinigami Soul Society Archives Contact Enlist →
Writeups

Capture Reports

Challenge breakdowns and solve paths from our CTF runs.

Hack Er Hat 2026 CTF Reverse Writeups 24 May 2026

Hack Er Hat 2026 CTF Reverse Writeups

Writeups for the Hack Er Hat 2026 CTF reverse engineering challenge pack: XOR encoding, binary patching, constructor tricks, and a custom VM.

joyboy__
CTFReverse EngineeringWriteupHack Er Hat
Echo in the Static 24 May 2026

Echo in the Static

CTF writeup for Echo in the Static: recovering an AES-256-GCM encrypted flag from a passphrase hidden in the challenge title, then decoding audio steganography.

Carnage_
CTFCryptographySteganographyAESWriteup
Slime Smile — Steganography Analysis 24 May 2026

Slime Smile — Steganography Analysis

CTF writeup for Slime Smile: recovering a flag hidden in the LSB of the blue channel of a PNG image using zsteg.

Carnage_
CTFSteganographyLSBPNGWriteup
Stego Royale 24 May 2026

Stego Royale

CTF writeup for Stego Royale: extracting a real flag from a multi-layer MP4 challenge involving spectrogram analysis, video-bit decoding, EOF ZIP carving, XOR, and zlib decompression.

Carnage_
CTFSteganographyForensicsAudioWriteup
TJCTF — rev/polaroid 24 May 2026

TJCTF — rev/polaroid

Reverse engineering writeup for TJCTF polaroid: recovering a hardcoded password from ARM64 byte-by-byte comparisons, XOR-decrypting an embedded PNG, and rotating the inverted image to reveal the flag.

Carnage_
CTFReverse EngineeringTJCTFXORWriteup
TJCTF — rev/remoose 24 May 2026

TJCTF — rev/remoose

Reverse engineering writeup for TJCTF remoose: repairing a deliberately corrupted ELF binary by fixing the magic bytes and replacing NUL-byte corruption, then reconstructing the flag from character constants in helper routines.

Carnage_
CTFReverse EngineeringTJCTFELFWriteup
TJCTF — rev/rotated 24 May 2026

TJCTF — rev/rotated

Reverse engineering writeup for TJCTF rotated: reversing a per-byte 0x1d shift to recover a hidden ELF, extracting and deobfuscating a shell script payload, and base64-decoding the embedded flag.

Carnage_
CTFReverse EngineeringTJCTFELFWriteup
Byteforge Terminal 18 May 2026

Byteforge Terminal

Web exploitation writeup chaining SQL injection, Jinja SSTI, and a SUID helper to read the flag.

Carnage_
EWU National ROBOFESTWebSSTISQL InjectionCTF
Format String GOT Hijack 18 May 2026

Format String GOT Hijack

Binary exploitation writeup for redirecting exit@GOT to win() with format-string halfword writes.

Carnage
EWU National ROBOFESTPwnFormat StringCTF
Mem 1 18 May 2026

Mem 1

Memory forensics writeup for recovering a flag hidden in a suspicious Sticky Notes command-line argument.

Carnage
EWU National ROBOFESTMemory ForensicsWindowsCTF
Mem 2 18 May 2026

Mem 2

Memory forensics writeup for decoding a single-byte XOR-obfuscated blob recovered from explorer.exe memory.

Carnage
EWU National ROBOFESTMemory ForensicsXORCTF
Mem 3 18 May 2026

Mem 3

Memory forensics writeup for reassembling XOR-encoded CTXBLK fragments hidden in conhost.exe memory.

Carnage
EWU National ROBOFESTMemory ForensicsXORCTF
Mem_Ghost in the Drive 18 May 2026

Mem_Ghost in the Drive

Memory forensics writeup for recovering a previous DumpIt memory capture filename from Windows RAM.

Carnage
EWU National ROBOFESTMemory ForensicsWindowsCTF
Mem_Ready to Send 18 May 2026

Mem_Ready to Send

Memory forensics writeup for recovering a Base64 staged exfiltration payload hidden behind a SYSLOG marker.

Carnage
EWU National ROBOFESTMemory ForensicsBase64CTF
RABCTF 2026 Reverse Writeups 23 Apr 2026

RABCTF 2026 Reverse Writeups

Writeups for the RABCTF 2025 reverse challenge category: Strings, Password Checker, and XOR Baby.

joyboy__
CTFReverse EngineeringRABCTFWriteup
Al Khwarizmi CTF Contest 16 Dec 2025

Al Khwarizmi CTF Contest

Writeups from ShibirCTF 2025 covering reverse engineering challenges, steganography, and forensics.

joyboy__
CTFReverse EngineeringSteganographyForensicsWriteup