Analyze the finals artifacts to reverse engineer a .NET malware chain, decrypt C2-delivered DLL payloads, and recover the flag.
Analyze a Kramer-encrypted PYC binary and its staged shellcode to extract the final payload and recover the flag.
Locate and extract the flag by investigating a provided file or image (`zero:welcome`). The goal is to navigate the user profile and identify credentials or indicators of compromise from accessible paths.
Identify and decode a simple obfuscated message left by a previous user.
Exploit a vulnerable login form in OWASP Juice Shop using classic SQL Injection techniques to retrieve the flag.
Access and manipulate a custom Rubik’s Cube web challenge under restricted user sessions to retrieve the flag.
Exploit session manipulation in OWASP Juice Shop to gain access to another user's basket and retrieve the flag.
Exploit a vulnerable custom web application that evaluates function names passed via URL parameters without proper validation.
Exploit OWASP Juice Shop by registering a user with empty input values to trigger a vulnerable behavior and obtain the flag.
Interact with a restricted terminal environment and extract the contents of the `flag.txt` file using limited command-line capabilities.