ctf-misc
Miscellaneous CTF techniques covering encoding, signal processing, sandbox escape, and system exploitation.
- Covers 20+ technique categories including Python/Bash jail escape, RF/SDR signal processing, DNS exploitation, Unicode steganography, QR codes, Z3 constraint solving, and WASM patching
- Includes quick-reference commands for common encodings (Base64, Base32, Hex, ROT13), IEEE-754 float data hiding, and cipher identification workflows
- Provides Linux privilege escalation techniques: sudo wildcard injection, monit command injection, PostgreSQL RCE, Docker group abuse, and SUID binary exploitation
- Supports game/VM challenges: PyInstaller extraction, marshal bytecode analysis, Flask cookie decoding, WebSocket manipulation, LoRA weight merging, and Brainfuck instrumentation
- Requires filesystem-based agent with bash, Python 3, and internet access for tool installation
CTF Miscellaneous
Quick reference for miscellaneous CTF challenges. Each technique has a one-liner here; see supporting files for full details.
Prerequisites
Python packages (all platforms):
pip install z3-solver pwntools Pillow numpy requests dnslib
Linux (apt):
apt install ffmpeg qrencode
macOS (Homebrew):
brew install ffmpeg qrencode
More from ljagiello/ctf-skills
ctf-reverse
Provides reverse engineering techniques for CTF challenges. Use when the main job is to understand how a compiled, obfuscated, packed, or virtualized target works before exploiting or solving it, including binaries, APKs, WASM, firmware, custom VMs, bytecode, game clients, malware-like loaders, and anti-debug or anti-analysis logic. Do not use it when the vulnerability is already understood and the remaining task is exploitation; use pwn instead. Do not use it for pure web workflows, log or disk forensics, or standalone crypto problems unless reversing the implementation is the real blocker.
3.7Kctf-web
Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTTP application, API, browser client, template engine, identity flow, or smart-contract frontend/backend surface, including XSS, SQLi, SSTI, SSRF, XXE, JWT, auth bypass, file upload, request smuggling, OAuth/OIDC, SAML, prototype pollution, and similar web bugs. Do not use it for native binary memory corruption, reverse engineering of standalone executables, disk or memory forensics, or pure cryptanalysis unless the web flaw is still the main path to the flag.
3.5Kctf-pwn
Provides binary exploitation techniques for CTF challenges. Use when you already have a vulnerable native target or service and need to turn memory corruption or low-level primitives into code execution or privilege escalation, such as buffer overflows, format strings, heap bugs, ROP, ret2libc, shellcode, kernel exploitation, seccomp bypass, sandbox escape, or Windows/Linux exploit chains. Do not use it when the main blocker is understanding what the binary does; use reverse engineering first. Do not use it for pure web bugs, disk or packet forensics, or standalone crypto/math challenges.
3.4Kctf-crypto
Provides cryptography attack techniques for CTF challenges. Use when attacking encryption, hashing, signatures, ZKP, PRNG, or mathematical crypto problems involving RSA, AES, ECC, lattices, LWE, CVP, number theory, Coppersmith, Pollard, Wiener, padding oracle, GCM, key derivation, or stream/block cipher weaknesses.
3.3Kctf-osint
Provides open source intelligence techniques for CTF challenges. Use when gathering information from public sources, social media, geolocation, DNS records, username enumeration, reverse image search, Google dorking, Wayback Machine, Tor relays, FEC filings, or identifying unknown data like hashes and coordinates.
3.3Kctf-forensics
Provides digital forensics and signal analysis techniques for CTF challenges. Use when analyzing disk images, memory dumps, event logs, network captures, cryptocurrency transactions, steganography, PDF analysis, Windows registry, Volatility, PCAP, Docker images, coredumps, side-channel power traces, DTMF audio spectrograms, packet timing analysis, CD audio disc images, or recovering deleted files and credentials.
3.3K