Capture Reports
Challenge breakdowns and solve paths from our CTF runs.
24 May 2026 Hack Er Hat 2026 CTF Reverse Writeups
Writeups for the Hack Er Hat 2026 CTF reverse engineering challenge pack: XOR encoding, binary patching, constructor tricks, and a custom VM.
24 May 2026 Echo in the Static
CTF writeup for Echo in the Static: recovering an AES-256-GCM encrypted flag from a passphrase hidden in the challenge title, then decoding audio steganography.
24 May 2026 Slime Smile — Steganography Analysis
CTF writeup for Slime Smile: recovering a flag hidden in the LSB of the blue channel of a PNG image using zsteg.
24 May 2026 Stego Royale
CTF writeup for Stego Royale: extracting a real flag from a multi-layer MP4 challenge involving spectrogram analysis, video-bit decoding, EOF ZIP carving, XOR, and zlib decompression.
24 May 2026 TJCTF — rev/polaroid
Reverse engineering writeup for TJCTF polaroid: recovering a hardcoded password from ARM64 byte-by-byte comparisons, XOR-decrypting an embedded PNG, and rotating the inverted image to reveal the flag.
24 May 2026 TJCTF — rev/remoose
Reverse engineering writeup for TJCTF remoose: repairing a deliberately corrupted ELF binary by fixing the magic bytes and replacing NUL-byte corruption, then reconstructing the flag from character constants in helper routines.
24 May 2026 TJCTF — rev/rotated
Reverse engineering writeup for TJCTF rotated: reversing a per-byte 0x1d shift to recover a hidden ELF, extracting and deobfuscating a shell script payload, and base64-decoding the embedded flag.
18 May 2026 Byteforge Terminal
Web exploitation writeup chaining SQL injection, Jinja SSTI, and a SUID helper to read the flag.
18 May 2026 Format String GOT Hijack
Binary exploitation writeup for redirecting exit@GOT to win() with format-string halfword writes.
18 May 2026 Mem 1
Memory forensics writeup for recovering a flag hidden in a suspicious Sticky Notes command-line argument.
18 May 2026 Mem 2
Memory forensics writeup for decoding a single-byte XOR-obfuscated blob recovered from explorer.exe memory.
18 May 2026 Mem 3
Memory forensics writeup for reassembling XOR-encoded CTXBLK fragments hidden in conhost.exe memory.
18 May 2026 Mem_Ghost in the Drive
Memory forensics writeup for recovering a previous DumpIt memory capture filename from Windows RAM.
18 May 2026 Mem_Ready to Send
Memory forensics writeup for recovering a Base64 staged exfiltration payload hidden behind a SYSLOG marker.
23 Apr 2026 RABCTF 2026 Reverse Writeups
Writeups for the RABCTF 2025 reverse challenge category: Strings, Password Checker, and XOR Baby.
16 Dec 2025 Al Khwarizmi CTF Contest
Writeups from ShibirCTF 2025 covering reverse engineering challenges, steganography, and forensics.