├── .github └── workflows │ ├── deploy.yml │ └── markdown.yml ├── .gitignore ├── .lycheeignore ├── CODEOWNERS ├── LICENSE ├── README.md ├── SUMMARY.md ├── book.toml ├── contrib.md ├── exploits ├── README.md ├── binary1.md ├── binary1_workshop │ ├── easy │ │ ├── EasyServer.c │ │ ├── easy32 │ │ ├── easy_key │ │ └── makefile │ └── social_format │ │ ├── host.sh │ │ ├── key │ │ ├── makefile │ │ ├── social │ │ └── social.c ├── binary2.md ├── binary2_source │ ├── brute_cookie │ │ ├── bc.c │ │ └── makefile │ ├── not_enough_space │ │ ├── host.sh │ │ ├── makefile │ │ └── space.c │ └── rop_mixer │ │ ├── host.sh │ │ ├── makefile │ │ ├── rop.s │ │ └── rop_mixer.c ├── binary2_workshop │ ├── brute_cookie │ │ └── bc │ ├── not_enough_space │ │ ├── host.sh │ │ └── space │ └── rop_mixer │ │ ├── host.sh │ │ └── rop_mixer └── references │ ├── acsac09.pdf │ ├── formatstring-1.2.pdf │ ├── no-nx.pdf │ └── tr-2007-153.pdf ├── forensics └── README.md ├── intro ├── README.md ├── careers.md └── find.md ├── theme ├── favicon.png └── favicon.svg ├── toolkits ├── README.md └── prep.md ├── tradecraft ├── README.md └── case_studies.md ├── vulnerabilities ├── README.md ├── binary.md ├── binary_workshop │ ├── cmu_bomb │ └── rpi_bomb ├── references │ ├── Dowd_ch06.pdf │ ├── EssentialC.pdf │ ├── IDA_Pro_Shortcuts.pdf │ ├── X86_Win32_Reverse_Engineering_Cheat_Sheet.pdf │ ├── antidebug.pdf │ └── gdb-refcard-a4.pdf ├── source.md └── source_workshop │ ├── news_install.sh │ └── news_server.c └── web ├── exploits.md ├── references └── phpprimer_v0.1.pdf ├── vulnerabilities.md └── workshop └── siberia.zip /.github/workflows/deploy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/.github/workflows/deploy.yml -------------------------------------------------------------------------------- /.github/workflows/markdown.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/.github/workflows/markdown.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | docs/ 2 | _book/ 3 | .DS_Store 4 | node_modules 5 | -------------------------------------------------------------------------------- /.lycheeignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/.lycheeignore -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @disconnect3d 2 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/README.md -------------------------------------------------------------------------------- /SUMMARY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/SUMMARY.md -------------------------------------------------------------------------------- /book.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/book.toml -------------------------------------------------------------------------------- /contrib.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/contrib.md -------------------------------------------------------------------------------- /exploits/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/README.md -------------------------------------------------------------------------------- /exploits/binary1.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1.md -------------------------------------------------------------------------------- /exploits/binary1_workshop/easy/EasyServer.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/easy/EasyServer.c -------------------------------------------------------------------------------- /exploits/binary1_workshop/easy/easy32: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/easy/easy32 -------------------------------------------------------------------------------- /exploits/binary1_workshop/easy/easy_key: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/easy/easy_key -------------------------------------------------------------------------------- /exploits/binary1_workshop/easy/makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/easy/makefile -------------------------------------------------------------------------------- /exploits/binary1_workshop/social_format/host.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | socat TCP-LISTEN:12347,reuseaddr,fork EXEC:./social 3 | -------------------------------------------------------------------------------- /exploits/binary1_workshop/social_format/key: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/social_format/key -------------------------------------------------------------------------------- /exploits/binary1_workshop/social_format/makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/social_format/makefile -------------------------------------------------------------------------------- /exploits/binary1_workshop/social_format/social: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/social_format/social -------------------------------------------------------------------------------- /exploits/binary1_workshop/social_format/social.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary1_workshop/social_format/social.c -------------------------------------------------------------------------------- /exploits/binary2.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2.md -------------------------------------------------------------------------------- /exploits/binary2_source/brute_cookie/bc.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_source/brute_cookie/bc.c -------------------------------------------------------------------------------- /exploits/binary2_source/brute_cookie/makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_source/brute_cookie/makefile -------------------------------------------------------------------------------- /exploits/binary2_source/not_enough_space/host.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | socat TCP-LISTEN:12348,reuseaddr,fork EXEC:./space 3 | -------------------------------------------------------------------------------- /exploits/binary2_source/not_enough_space/makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_source/not_enough_space/makefile -------------------------------------------------------------------------------- /exploits/binary2_source/not_enough_space/space.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_source/not_enough_space/space.c -------------------------------------------------------------------------------- /exploits/binary2_source/rop_mixer/host.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | socat TCP-LISTEN:12349,reuseaddr,fork EXEC:./rop_mixer 3 | -------------------------------------------------------------------------------- /exploits/binary2_source/rop_mixer/makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_source/rop_mixer/makefile -------------------------------------------------------------------------------- /exploits/binary2_source/rop_mixer/rop.s: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_source/rop_mixer/rop.s -------------------------------------------------------------------------------- /exploits/binary2_source/rop_mixer/rop_mixer.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_source/rop_mixer/rop_mixer.c -------------------------------------------------------------------------------- /exploits/binary2_workshop/brute_cookie/bc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_workshop/brute_cookie/bc -------------------------------------------------------------------------------- /exploits/binary2_workshop/not_enough_space/host.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | socat TCP-LISTEN:12348,reuseaddr,fork EXEC:./space 3 | -------------------------------------------------------------------------------- /exploits/binary2_workshop/not_enough_space/space: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_workshop/not_enough_space/space -------------------------------------------------------------------------------- /exploits/binary2_workshop/rop_mixer/host.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | socat TCP-LISTEN:12349,reuseaddr,fork EXEC:./rop_mixer 3 | -------------------------------------------------------------------------------- /exploits/binary2_workshop/rop_mixer/rop_mixer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/binary2_workshop/rop_mixer/rop_mixer -------------------------------------------------------------------------------- /exploits/references/acsac09.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/references/acsac09.pdf -------------------------------------------------------------------------------- /exploits/references/formatstring-1.2.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/references/formatstring-1.2.pdf -------------------------------------------------------------------------------- /exploits/references/no-nx.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/references/no-nx.pdf -------------------------------------------------------------------------------- /exploits/references/tr-2007-153.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/exploits/references/tr-2007-153.pdf -------------------------------------------------------------------------------- /forensics/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/forensics/README.md -------------------------------------------------------------------------------- /intro/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/intro/README.md -------------------------------------------------------------------------------- /intro/careers.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/intro/careers.md -------------------------------------------------------------------------------- /intro/find.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/intro/find.md -------------------------------------------------------------------------------- /theme/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/theme/favicon.png -------------------------------------------------------------------------------- /theme/favicon.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/theme/favicon.svg -------------------------------------------------------------------------------- /toolkits/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/toolkits/README.md -------------------------------------------------------------------------------- /toolkits/prep.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/toolkits/prep.md -------------------------------------------------------------------------------- /tradecraft/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/tradecraft/README.md -------------------------------------------------------------------------------- /tradecraft/case_studies.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/tradecraft/case_studies.md -------------------------------------------------------------------------------- /vulnerabilities/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/README.md -------------------------------------------------------------------------------- /vulnerabilities/binary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/binary.md -------------------------------------------------------------------------------- /vulnerabilities/binary_workshop/cmu_bomb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/binary_workshop/cmu_bomb -------------------------------------------------------------------------------- /vulnerabilities/binary_workshop/rpi_bomb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/binary_workshop/rpi_bomb -------------------------------------------------------------------------------- /vulnerabilities/references/Dowd_ch06.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/references/Dowd_ch06.pdf -------------------------------------------------------------------------------- /vulnerabilities/references/EssentialC.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/references/EssentialC.pdf -------------------------------------------------------------------------------- /vulnerabilities/references/IDA_Pro_Shortcuts.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/references/IDA_Pro_Shortcuts.pdf -------------------------------------------------------------------------------- /vulnerabilities/references/X86_Win32_Reverse_Engineering_Cheat_Sheet.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/references/X86_Win32_Reverse_Engineering_Cheat_Sheet.pdf -------------------------------------------------------------------------------- /vulnerabilities/references/antidebug.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/references/antidebug.pdf -------------------------------------------------------------------------------- /vulnerabilities/references/gdb-refcard-a4.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/references/gdb-refcard-a4.pdf -------------------------------------------------------------------------------- /vulnerabilities/source.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/source.md -------------------------------------------------------------------------------- /vulnerabilities/source_workshop/news_install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/source_workshop/news_install.sh -------------------------------------------------------------------------------- /vulnerabilities/source_workshop/news_server.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/vulnerabilities/source_workshop/news_server.c -------------------------------------------------------------------------------- /web/exploits.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/web/exploits.md -------------------------------------------------------------------------------- /web/references/phpprimer_v0.1.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/web/references/phpprimer_v0.1.pdf -------------------------------------------------------------------------------- /web/vulnerabilities.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/web/vulnerabilities.md -------------------------------------------------------------------------------- /web/workshop/siberia.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/ctf/HEAD/web/workshop/siberia.zip --------------------------------------------------------------------------------