Home

Awesome

CTFSolutionTypes

This page will list abstracted Capture the Flag (CTF) solutions for the purpose of helping testers think creatively and quickly when either doing CTF challenges or real-world assessments. I will primarily be adding content from web-based challenges because that's where my expertise lies, but I will happily add content to the other types when I come across them or as I receive <a href="mailto:daniel@danielmiessler.com">submissions</a>.

The concept is simple: testers' minds sometimes go blank when staring at a CTF or a real-world challenge, and I thought it'd be helpful to provide a list of <em>types</em> of solution that are possible to prompt the creative juices. So the idea is that you'd get stuck in a particular challenge, review this list, and think, "Oh, damn, forgot to check that!". In short, most CTF solutions (and real-world vulnerabilities as well for that matter) fall into a depressingly small number of categories, and being able to quickly find vulns within them is potentially quite valuable.