All Writeups
Comprehensive collection of CTF challenges, solutions, and insights.
DEADROP Forensics 6 - NIGHTJAR AFTERMATH
A ZIP containing six post-incident artifacts, logs, a photo, a config, a README, a binary, and a pcap. Each hides one fragment of the flag using a different technique. The README encodes the final fragment via trailing-space whitespace steganography across 47 lines.
DEADROP Forensics 5 - Field Laptop
A disk image with an encrypted hidden partition. The passphrase is GPS coordinates extracted from image EXIF data. The ChaCha20 key derivation parameters and salt are embedded in a self-describing plaintext header in the hidden region, recoverable with strings alone.
DEADROP Forensics 2 - Safehouse
A PNG with a flag hidden in the least significant bits of pixel data. Classic LSB steganography, stegsolve or zsteg extracts it directly.
DEADROP Misc 6 - //CHAOS
A meta-challenge hidden across the DEADROP platform. No challenge listing, no files, no hints. Four flag fragments concealed using four different techniques, favicon MD5 steganography, a hidden 404 endpoint, zero-width Unicode in a checksum field, and a non-standard base64 meta attribute. Unit 7 says hello.
DEADROP Misc 5 - Flatearth Committee Minutes
Meeting minutes from the agency's Flat Earth Contingency Planning Committee hide four flag pieces across the docx XML structure, white-on-white text, an XML comment, a custom document property, and a Word comment. A .docx is a ZIP, unzip it.
DEADROP Misc 4 - SIGINT PUZZLE
Three fake declassified SIGINT documents hide base64 flag fragments in the least significant bits of the red channel. The lore tells you the order; extract, concatenate, decode.