Art ContestVisit this website and submit your best ASCII art for a chance to become the 2023 ASCII Art Contest Winner. This year, everything will be graded by our automated grader. Winner gets a flag!Read writeup
GotionGotion is yet another simple secure note service. You might have seen these kind of applications many times before, but try this one!Read writeup
RacCoinWhy sweat when you can pay to win? š Don't worry, your purchases are completely anonymous because RacCoin (RCN) uses blockchain! RCN is completely open-source, so you know we are secureRead writeup
Star CerealThe Star Cereal has returned! This time with impenetrable security. You're never getting my cereal! http://starcereal.chall.seetf.sg:10004 MD5: 7c990f8e301da8cdf544af595ce62e24Read writeup
NotHandSanitizerā¢APOCALYPSE has recently implemented a security feature called NotHandSanitizerā¢ to secure their member login portal. We heard that there's a flag somewhere in their database, but we can't seem to find a working attack vector since SQL Injections seem impossible due to NotHandSanitizerā¢. Perhaps you could take a look for us?Read writeup
MeowareSpaceY Corp. has been hit by a meoware attack. Wait a second, what even is a meoware? Nevertheless, your job here is simple. Retrieve the stolen flag from their web servers before they vanish for good.Read writeup
X marks Louis's treasureFinding a web page that leads to Louis' hidden treasure on his server HEHEHEHE [chals.whitehacks.ctf.sg:50101](http://chals.whitehacks.ctf.sg:50101/)Read writeup
WAF BypassCan you get flag from the environment? [chals.whitehacks.ctf.sg:50401](http://chals.whitehacks.ctf.sg:50401/)Read writeup
BabyPHPJohn is trying to juggle between learning PHP and his other homework. Fortunately, he managed to complete his PHP task - creating a simple web login. He challenges you to find a way to bypass his login. Take a look at his PHP masterpiece now! [chals.whitehacks.ctf.sg:50201](http://chals.whitehacks.ctf.sg:50201/)Read writeup
JSONWe have found an internal system that is externally exposed. Retrieve the Flag from this system.Read writeup
Can't use DBCan't use DB. I have so little money that I can't even buy the ingredients for ramen. šRead writeup
Login portalDuring our investigations, we 've manage to find the [login portal](http://aiodmb3uswokssp2pp7eum8qwcsdf52r.ctf.sg:50201/) for APOCALYSE members. Seems like all you have to do is login to get the flag, but it seems to be pretty damn secure since they actually filter user input and use password hashes. :(Read writeup
Secret base 1APOCALYPSE hired an administrator improve the physical security of their secret base. Your task is to gain access to the physical security device. The flag for this challenge is similar to 15{h...e} (starts with 'h' and ends with 'e').Read writeup
Secure Flag Distribution ServiceWe've recently discovered that APOCALYPSE is running an illegal [flag distribution service](http://aiodmb3uswokssp2pp7eum8qwcsdf52r.ctf.sg:50401/) to share flags among all their agents. Can you infiltrate their system and take a look? Seems like they're using some OTP system to ensure that only their members can login.Read writeup