All Writeups
Comprehensive collection of CTF challenges, solutions, and insights.
Filter by category:
Filter by tag:
All Tags
Raptor-Weekly (14)
ctf (3)
retrospective (3)
overview (3)
ECHELON (12)
DEADROP (37)
WHAMazon! (23)
pcap (13)
base64 (10)
network (10)
Club-Ouroboros (1)
acrostic (1)
aes (2)
aes-cbc (3)
aes-gcm (1)
alg-none (1)
algorithm-confusion (1)
anti-debug (1)
api (5)
api-chaining (1)
auth-bypass (1)
authentication-bypass (1)
autopsy (1)
bash (1)
beaconing (1)
binary (1)
block-cipher (1)
brute-force (3)
bytecode (2)
c2 (3)
cbc (2)
chacha20 (1)
chain (1)
classical-cipher (1)
cloud-metadata (1)
cloudflare-tunnel (1)
command-injection (3)
config-leak (1)
constraint-solving (1)
cookie-theft (2)
core-dump (1)
covert-channel (1)
credential-hunting (1)
credential-reuse (1)
crib-drag (3)
cross-site-scripting (1)
crypto (7)
csp-bypass (1)
cube-root (1)
custom-crypto (1)
custom-isa (2)
custom-properties (1)
cyberchef (2)
darknet-services (1)
decryption (1)
default-credentials (1)
deobfuscation (2)
diffie-hellman (1)
directory-traversal (1)
discrete-log (1)
disk-image (2)
dns (2)
dns-exfiltration (1)
docker (1)
docx (1)
dsa (2)
ecdlp (1)
elf (5)
elliptic-curve (1)
email-forensics (1)
eml (1)
encoding (1)
encoding-chains (1)
encryption (1)
enumeration (1)
error-correction (1)
eval (1)
event-handler (1)
exfiltration (3)
exif (1)
feistel (1)
fetch (1)
ffuf (2)
file-recovery (1)
firmware (1)
flask (3)
foia (1)
forensics (8)
ftp (2)
full-chain (1)
ghidra (4)
github (2)
headers (1)
hex (5)
hidden-partition (1)
hmac (1)
hs256 (1)
html (1)
https (1)
iam (1)
icmp (1)
idor (2)
image-forensics (1)
img-tag (1)
implementation (1)
information-schema (1)
internal-services (1)
iv-reuse (1)
jail-escape (1)
javascript (1)
jinja2 (2)
json (1)
jwt (6)
jwt.io (1)
key-reuse (1)
kill-chain (1)
known-plaintext (3)
lateral-movement (1)
ld-preload (1)
lfi (1)
linkedin (1)
linux (4)
listener (1)
llm-security (1)
local-file-inclusion (1)
localhost (1)
loopback (1)
low-nonce (1)
lsb (2)
ltrace (1)
malware-analysis (1)
marshal (1)
memory (1)
meta (1)
multi-artifact (1)
multi-machine (1)
multi-stage (2)
network-pentest (1)
no-padding (1)
nonce-reuse (2)
none-algorithm (1)
oaep (1)
obfuscation (4)
office-formats (1)
os-shell (1)
osint (4)
otp-reuse (1)
padding (1)
padding-oracle (1)
partial-key (1)
path-traversal (2)
pcapng (2)
pdf (1)
pe (1)
php-deserialization (1)
pkcs1 (1)
pkcs1-v15 (1)
plaintext (1)
png (2)
pohlig-hellman (2)
polyglot (1)
powershell (3)
pre-master-secret (1)
private-key-recovery (2)
privesc (1)
privilege-escalation (2)
prompt-injection (1)
pyarmor (1)
pycryptodome (1)
python (7)
rc4 (1)
rce (4)
readelf (1)
recon (4)
reconnaissance (1)
reconstruction (1)
red-vs-blue (1)
reed-solomon (1)
register-machine (1)
restricted-shell (1)
rev (6)
reverse-engineering (3)
rfc822 (1)
robots.txt (1)
rot13 (1)
rs256 (1)
rsa (4)
runtime-generation (1)
scapy (1)
security-misconfiguration (1)
server-side-request-forgery (1)
session-keys (1)
session-manipulation (1)
signature (2)
signature-forgery (1)
sleuthkit (1)
small-exponent (1)
smb (1)
smooth-order (1)
smt (1)
snmp (1)
socat (1)
social-media (1)
source-code (1)
source-review (1)
sqli (3)
sqlite (1)
ssrf (4)
ssti (2)
static-analysis (2)
steganography (6)
stegsolve (1)
stored-xss (1)
stream-cipher (1)
streams (1)
string-array (1)
strings (3)
symmetric (1)
template-injection (1)
tls (2)
tls-decryption (1)
token-forgery (3)
token-manipulation (1)
traffic-analysis (1)
tshark (4)
two-time-pad (1)
udp (1)
unicode (1)
union-injection (1)
unit7 (1)
vigenere (1)
vm (2)
web (5)
whitespace (1)
windows (3)
winrm (1)
wireshark (5)
xml (1)
xobject (1)
xor (5)
xss (2)
z3 (1)
zsteg (1)
2026-03-01
Network
Insane
DEADROP Network 6 - OPERATION NIGHTJAR
A single PCAP containing a complete attack kill chain, reconnaissance, exploitation, C2 establishment, lateral movement, data staging, and exfiltration. Each stage requires a different analysis technique. Read the whole story from first SYN to final exfil packet.
network
pcap
kill-chain
wireshark