The article examines how rapid advances in large language models—from GPT‑4 to Mythos—have automated most CTF challenges, reshaping leaderboards, prompting top teams to quit, and forcing the security community to rethink competition formats, talent assessment, and education.
An in‑depth analysis of Linux Memory Protection Keys (pkeys), their x86_64 and arm64 implementations, related syscalls, and a step‑by‑step exploit that randomises PKRU permissions and then uses WRPKRU to bypass the restrictions and capture the flag in a CTF PWN challenge.
This guide walks you through rebuilding a fragmented EXE file, fixing a hidden byte error, analyzing its PE structure with IDA, and three ways to bypass the license check—by writing a DLL, patching the binary, or directly decoding the hidden flag.
This article compiles a comprehensive, categorized collection of penetration testing resources—including anonymity tools, antivirus evasion utilities, books, CTF frameworks, Docker containers, network analysis tools, OSINT platforms, and more—providing security professionals and researchers with a valuable reference for offensive security engagements.
This comprehensive collection presents a curated list of penetration testing resources—including anonymity tools, antivirus‑evasion utilities, books, CTF frameworks, Docker containers for vulnerable systems, network analysis utilities, OSINT services, reverse‑engineering tools, and security education materials—providing security professionals and researchers with a valuable reference for offensive security testing and learning.
After a grueling 30‑hour showdown in Shanghai, the 2019 Tencent Information Security Competition crowned r3kapig as international champion with Balsn and Tea Deliverers trailing, while Fudan’s Whitzard seized the New Star title and a DEF CON berth, highlighting Chinese dominance, cutting‑edge cloud/IoT challenges, live commentary, and Tencent’s role in cultivating cybersecurity talent across universities.
This report details the analysis of a JD security CTF challenge that uses a Keras deep‑learning model to detect function entry points in binary code, describing the environment, manual data processing, model inspection, training adjustments, and optimization steps to achieve correct detection.
This guide walks through setting up Docker containers for i386/amd64 Linux pwn challenges, configuring IDA remote debugging, and automating interactions with pwntools, providing step‑by‑step commands, code snippets, and practical tips for beginners.
This article demonstrates multiple techniques for abusing the PATH environment variable and SUID binaries on Linux systems to gain root privileges, providing step‑by‑step lab setup, C source examples, compilation commands, and exploitation methods commonly used in CTF challenges.
This article provides a comprehensive overview of classic text encodings and simple ciphers frequently encountered in CTF challenges, detailing ASCII, Base64, URL, Unicode, various substitution and transposition ciphers, as well as practical encoding/decoding examples and useful online tools.
