Offical URL: https://picoctf.com/

Highly recommended as anyone's first CTF, picoCTF is a traditional challenge-based competition with a two-week annual competition period that rolls into a year-round accessible learning platform.

CTF events

NameWeight
picoCTF 20190.00
picoCTF 20180.00
picoCTF 20170.00
Related tags: web pwn xss #web x86 php crypto stego rop sqli hacking forensics writeup base64 android perl python scripting mips pcap xor sha1 fun latex rsa penetration testing latex z3 elf bruteforce algebra tmctfquals wifi cracking c++ reverse engineering forensic buffer overflow attacks logic metasploit javascript puzzle programming c engineering security aes arm java js system brute exploitation node.js misc pwnable re organization sql exploit stegano ppc admin steganography secure-coding things math nodejs obfuscated netflow coding nothing networking ruby mongodb injection http penetration malware shell cracking pentest bash packet analysis ios php comand injection algorithms games windows format-string ai stuff network c64 pentesting social engineering carving asm string format html network hacking game being linux recon wireshark googling social being_confused acm problem solving analysis procrastination figuring privilege escalation rfi sqlinjection lfi fuzzing assembly language back easy networks mysql pyjail image basic programming basic security concepts socket assembly code miscellaneous css caesar script password csrf sleeping blind rev scans servers physics. learning # bsd network securtity nmap tshark kali linux beginner basic enumeration sysadmin good oche secuinside pkcs binwalk trendmicroctf network analyze csp joe hash vice 6502 smalltalk jwt radare2 visual based robots databases lua network security developing webex bof bufferoverflow clicking binaryexploitation hex2raw pwning picoctf2017 picoctf vbscript code-analysis it writinglinuxsecuritymodule oshardening hardwaresecurity macintosh winning logical linuxbasic flask forgery shellcode overflow shell scripting pwntools racecondition sqlmap junior basic sql injection dns nessus binexploit rsa-crypto revesing machine gdb crack cookies null-byte-poisoning ssti osint aes-cbc diffie-hellman regex png reversing reverse_engineering oscp use-after-free routing switching type-juggling blackbox cryptography-rsa data-recovery strings netcat nc golang switches routers data structure graphics stackcanary attacks buffer login snort vulnerability pytho nxenabled crytography ssrf ciphers angr gif captcha ocr session cbc cipher rc4 linux exploitation devops rce sourcecode debian ecc wireless tbd force koujiao mon stalking joking. pene phreaking emacs cryptanalysis vigenere htm esoteric-language hexeditor c googlectf cryptography command_injection containers macro dreaming struct reverse ecb hid user-agent scanf match ph heap binary gamehacking oscp level pentesting proxy xxd blackberry string-format buffer-overflow formatstring x-forwarded-for stega aes-ecb lsb blindsqli fastbin 2018 neverlan google_hacking information_gathering header byte-by-byte-decryption cbc-bit-flipping vulnerable-padding syscall eval wat 0ctf blackhole mime exfiltration lsb-stego csp-bypass php-object-injection hooking es6 check-in tcache python-exploitation format-strings binary-exploitation webpage-cookies chinese-remainder euler kubernetes houseoforange integer_overflow general_skills machine_learning pwnbinaryexploitation 800 webexp skills general nop-sled bit-flipping-attack telnet blind-os-command-injection bits-rotation heap-overflow-attacks client rot rng houseofpoortho poisonnullbyte dlmalloc rockyou