Posts
Articles and guides on various topics, techniques, and so on related to CTF challenges.
Python Reversing for CTF: Bytecode, Frozen Binaries, and Obfuscated Scripts
Decompile Python bytecode, unpack PyInstaller executables, and peel exec-obfuscation layers. Everything you need to reverse engineer Python CTF challenges.
June 14, 2026
Stack Canary Bypass for CTF: Leak It, Brute It, or Walk Around It
Stuck at '*** stack smashing detected ***' on a picoCTF binary? Stack canary bypass, three ways: leak it with a format string, brute-force it across forks, or never cross it at all.
June 11, 2026
z3 for CTF: Constraint Solving from Keychecks to Crypto
A z3 solver tutorial for CTF: the four-move script skeleton, the BitVec-vs-Int type trap that silently breaks solutions, and when z3 beats angr or brute force.
June 9, 2026
Writing x86-64 Shellcode for CTF: From Syscall to Shell
Hand-write null-free x86-64 execve('/bin/sh') shellcode from scratch, fire it with pwntools, and debug it in GDB. The syscall is easy. Surviving the filter is the craft.
June 7, 2026
Android APK Reverse Engineering for CTF: From .apk to Flag
Android is the friendliest target in CTF reversing: an APK is a ZIP, and Dalvik bytecode decompiles back to near-original Java. Walk the picoCTF droids ladder from a flag in logcat to a one-line smali patch, and learn the re-signing trick that quietly breaks on modern Android.
June 5, 2026
SSRF for CTF: From localhost Pivots to Cloud Metadata
Server-Side Request Forgery for CTF, explained as one question: whose network does the server trust? The ladder from a url= parameter to 127.0.0.1, cloud metadata, and gopher RCE.
June 3, 2026
Elliptic Curves for CTF: The Discrete Log Is the Whole Game
Elliptic curve and discrete-log challenges break for two reasons: the group order wasn't hard (Pohlig-Hellman) or the protocol leaked the secret (ECDSA nonce reuse). Read the parameters, not the algebra.
June 1, 2026
Classical Ciphers for CTF: Caesar, Vigenère, and Substitution
The hard part of a Caesar or Vigenère CTF challenge isn't the math, it's the ten seconds of recognition. Learn the four tells that name any classical cipher on sight, then break it in one click.
May 30, 2026
Insecure Deserialization for CTF: Pickle, __reduce__, and RCE
Loading a pickle file runs code, not data. The same Python __reduce__ exploit that solves a CTF is the insecure-deserialization RCE pwning AI infra in 2026. Here is exactly why.
May 25, 2026