Hack.lu CTF 2017 Indianer Write Up

This is a writeup of the Indianer challenge from Hack.lu 2017

CSAW CTF 2017 Revisiting Auir

This is a short post to (hopefully) answer some of the questions that I have received about my exploit auir.py and talk about a few interesting things that I have found.

CSAW CTF 2017 Infrastructure Overview

We’ve had a few people ask us over the past couple of years how we deploy CTFd and our challenges to serve the more than 2000 teams we have in CSAW CTF Quals, so here’s a quick post explaining how we do it.

CSAW CTF 2016 Finals Problems repo release

A few weeks ago, we ran the annual CSAW CTF finals round. We’ve released the problems so that anyone can play the problems themselves at home.

CSAW CTF 2016 Problems repo release

Last weekend, we ran the annual CSAW CTF qualification round. After a wonderful competition, we’ve released all the problems (along with Dockerfiles for deployment) to the public.


Last year, we had many ctf teams from around the world compete in the annual CSAW CTF. This event is geared toward college undergradates, however it is open to anyone who wishes to play.

CSAW CTF 2015 - Weebdate

After creating an account on the site and logging in, we notice pretty quickly that trying to set our profile image URL to an invalid URL returns a python error

CSAW CTF 2015 - Transfer

After quickly looking through the .pcap, we find two things: a python source file, and a large b64 string (‘2Mk16Sk5iakYx…’)