A collection of CTF source files and write-ups that anyone can contribute to. Did you just publish a CTF write-up? Let us know, and we'll add a link to your post — or just add the link yourself and submit a pull request. Spot an issue with a solution? Correct it, and send a pull request. Please read CONTRIBUTING.md. Archive Write-ups for CTFs that occurred in 2013 (this repository) Write-ups for CTFs that occurred in 2014 Write-ups for CTFs that occurred in 2015 Write-ups for CTFs that occurred in 2016
FEATURES
ALTERNATIVES
A comprehensive platform for software developers to learn, create, and optimize applications for Arm-based processors
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
Script to check for artifacts with the same name between repositories to prevent Dependency Confusion Attacks.
A conference featuring talks and workshops on various Python-related topics.
Python package for fanging and defanging indicators of compromise in text.
A tool for auditing and reporting Unix host security with the ability to perform a lockdown.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.