picoCTF Solutions
General SkillsAdvanced

Advanced General Skills

The foundations path covered the terminal, git, and number systems. This one pushes into the harder general challenges: breaking out of locked-down shells, exploiting integer-overflow logic bugs, scripting solvers with pwntools, decoding esoteric languages, and driving real tooling like kubectl and YARA. A solid command-line and scripting base is assumed.

New to this category? Start withGeneral Skillsfirst.
5 steps·15 challenges
  1. Step 01

    Restricted Shell Escapes

    A restricted shell blocks the obvious commands, so you reach the flag through the gaps: shell globbing and echo when cat is banned, built-in command execution inside nano, or a man page that scrolls past the flag. Learning what still works when your toolbox is taken away is a core skill.

    Special

    picoCTF 2023

    Medium

    Specialer

    picoCTF 2023

    Medium

    ABSOLUTE NANO

    picoCTF 2026

    Medium
  2. Step 02

    Logic and Integer Bugs

    Some flags fall to a flaw in the program's logic rather than the system. flag_shop wraps the cost calculation negative with a signed integer overflow to mint coins, and Failure Failure abuses session-affinity headers to make a load balancer hand over the flag. Read the logic, find the assumption it breaks on.

    flag_shop

    picoCTF 2019

    Medium

    Failure Failure

    picoCTF 2026

    Medium
  3. Step 03

    Scripting and Automation

    When the work is too tedious for a human, you script it. These challenges make you diff two files byte-by-byte to spell out a flag, read ELF symbol addresses with pwntools and send them per round, and drive a decryption helper from the command line. This is the automation muscle every other category leans on.

    whats-the-difference

    picoCTF 2019

    Medium

    bytemancy 3

    picoCTF 2026

    Medium

    Python Wrangling

    picoCTF 2021

    Medium
  4. Step 04

    Esoteric Languages

    CTF authors love hiding logic in languages designed to be unreadable. Rockstar reads like song lyrics but runs like code, and these challenges make you interpret or edit such programs to redirect output to the flag. The skill is recognizing that strange text is actually an executable program.

    1_wanna_b3_a_r0ck5tar

    picoCTF 2019

    Medium

    mus1c

    picoCTF 2019

    Medium

    Serpentine

    Beginner picoMini 2022

    Medium
  5. Step 05

    Modern Security Tooling

    The hardest general-skills challenges expect you to know professional tooling. You list and decode a Kubernetes Secret with kubectl, write a YARA rule that a remote grader accepts against a UPX-packed PE, and work through a multi-stage printer-sharing service. This is where general skills meets real-world security operations.

    KSECRETS

    picoCTF 2026

    Medium

    YaraRules0x100

    picoCTF 2025

    Medium

    Printer Shares 2

    picoCTF 2026

    Hard

    Printer Shares 3

    picoCTF 2026

    Hard
All guided paths