Offical URL:

picoCTF is a computer security game targeted at middle and high school students. The game consists of a series of challenges centered around a unique storyline where participants must reverse engineer, break, hack, decrypt, or do whatever it takes to solve the challenge. The challenges are all set up with the intent of being hacked, making it an excellent, legal way to get hands-on experience.

CTF events

picoCTF 20180.00
picoCTF 20170.00
Related tags: web pwn xss x86 php crypto stego rop sqli hacking forensics writeup base64 android perl python scripting mips pcap xor sha1 rsa penetration testing z3 elf bruteforce algebra tmctfquals wifi cracking c++ reverse engineering forensic buffer overflow attacks logic metasploit javascript puzzle programming c engineering security arm java js system brute exploitation node.js misc pwnable re organization sql exploit stegano ppc admin steganography secure-coding things math nodejs netflow coding nothing networking injection http penetration shell cracking pentest bash packet analysis php comand injection algorithms games windows format-string stuff network c64 pentesting social engineering carving asm string format html network hacking game being linux recon wireshark googling social being_confused acm problem solving procrastination figuring privilege escalation rfi sqlinjection lfi fuzzing back easy networks mysql pyjail image basic programming basic security concepts socket assembly miscellaneous css caesar password csrf blind rev scans servers learning # bsd nmap kali linux beginner basic enumeration sysadmin good oche secuinside pkcs binwalk trendmicroctf network analyze csp joe hash vice 6502 smalltalk jwt radare2 visual robots lua network security webex bof bufferoverflow clicking binaryexploitation hex2raw pwning picoctf2017 picoctf code-analysis writinglinuxsecuritymodule oshardening hardwaresecurity macintosh winning logical linuxbasic flask forgery shellcode overflow pwntools racecondition sqlmap junior basic sql injection binexploit rsa-crypto machine gdb crack cookies ssti osint diffie-hellman regex png reversing reverse_engineering oscp use-after-free routing switching blackbox cryptography-rsa data-recovery strings netcat nc golang data structure graphics stackcanary attacks buffer login snort vulnerability pytho nxenabled crytography ssrf ciphers angr gif captcha session cbc rc4 linux exploitation devops rce debian ecc wireless tbd force koujiao mon stalking joking. pene phreaking emacs htm esoteric-language hexeditor c googlectf cryptography command_injection containers dreaming struct reverse hid user-agent scanf match ph heap binary gamehacking oscp level pentesting proxy xxd blackberry string-format formatstring stega aes-ecb lsb blindsqli fastbin neverlan google_hacking information_gathering cbc-bit-flipping lsb-stego csp-bypass hooking es6 check-in python-exploitation format-strings binary-exploitation webpage-cookies chinese-remainder euler kubernetes integer_overflow general_skills machine_learning pwnbinaryexploitation 800 webexp skills general nop-sled bit-flipping-attack telnet blind-os-command-injection bits-rotation heap-overflow-attacks client rot