This repository is made to upload some custom interesting scripts in different programming languages that are useful to solve CTF challenges.
Detailed write-ups are posted on my personal blog: https://7rocky.github.io/en/ctf.
For every challenge, there is a README.md file that has a link to the write-up.
The aim of this repository is to provide useful scripts that can be adapted to other circumstances and show how some techniques can be performed using a certain programming language.
Hope it is useful! 😄
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Ursa Minor |
solve.py |
Python |
RSA. Binary Search. Smooth primes |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| fno-stack-protector |
solve.py |
Python |
64-bit binary. Buffer Overflow. Redirect program execution |
| Robot Fatory |
solve.py |
Python |
64-bit binary. Heap exploitation. Unsorted Bin attack. Fast Bin attack. GOT overwrite |
| Secret Note |
solve.py |
Python |
64-bit binary. Buffer Overflow. Format String vulnerability. PIE, Canary, NX and ASLR bypass |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| fizzbuzz101 |
solve.py |
Python |
corCTF 2023. RSA decryption. LSB oracle |
| fizzbuzz102 |
solve.py |
Python |
corCTF 2023. RSA decryption. LSB oracle. LCG |
| qcg-k |
solve.py |
Python / SageMath |
corCTF 2023. DSA. Recurrence relation. Nonces |
| two-wrongs |
solve.py |
Python |
corCTF 2024. Quantum Computing. Quantum Error Correction |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| Format muscle |
solve.py |
Python |
CrewCTF 2024. Format String vulnerability. musl libc. Exit handlers |
| Heap Banging |
solve.py |
Python |
CrewCTF 2025. Heap exploitation. Heap Overflow. Overlapping Chunks. Fast Bin attack. Use After Free. calloc |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Come on feel the nonce |
solve.py |
Python / SageMath |
CTFZone 2023 Quals. ECDSA. Biased nonces. Hidden Number Problem. LLL lattice reduction |
| Right Decision |
solve.py |
Python |
CTFZone 2023 Quals. Shamir Secret Sharing. System of equations |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| rps-casino |
solve.py |
Python |
DiceCTF 2024 Quals. LFSR. Modular arithmetic. z3 |
| winter |
solve.py |
Python |
DiceCTF 2024 Quals. Winternitz One-Time Signature |
| yaonet |
solve.py |
Python / SageMath |
DiceCTF 2024 Quals. ECC. Baby-step, giant-step. Meet-in-the-middle |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| baby-talk |
solve.py |
Python |
DiceCTF 2024 Quals. Heap exploitation. Null-byte poison. Overlapping chunks. Tcache poisoning |
| oboe |
solve.c |
C |
DiceCTF 2025 Quals. Kernel exploitation. Heap exploitation. Off-by-one. Use After Free. ROP |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Spooky Safebox |
solve.py |
Python / SageMath |
Hack.lu CTF 2023. ECC. ECDSA. Public key recovery. Biased nonces. Hidden Number Problem. LLL lattice reduction |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Jorge Wants a Token |
solve.py |
Python / SageMath |
HackOn CTF 2024. JWT. ECDSA biased nonces. Hidden Number Problem. LLL lattice reduction. Discrete logarithm |
| Pederson |
solve.py |
Python |
HackOn CTF 2025. Modular arithmetic. Xoshiro256**. LFSR. z3 solver |
| Play Time |
solve_sage.py
solve_z3.py |
Python / SageMath
Python |
HackOn CTF 2025. Zero-knowledge proof. Pedersen commitment |
| RSACBC |
solve.py |
Python |
HackOn CTF 2025. RSA. XOR. Binomial theorem. GCD |
| Web |
Scripts / Programs |
Language |
Purpose |
| Guglu v2 |
solve.py |
Python |
HackOn CTF 2024. Flag exfiltration with boolean oracle |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| AHS512 |
solve.py |
Python |
Custom hash function. Bit operations |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| Entity |
solve.py |
Python |
64-bit binary. Union structure. Type confusion |
| Finale |
solve.py |
Python |
64-bit binary. open-read-write ROP chain |
| Pumpking |
solve.py |
Python |
64-bit binary. seccomp rules. Custom shellcode |
| Spooky Time |
solve.py |
Python |
64-bit binary. Format String vulnerability. GOT overwrite |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Careless Padding |
solve.py |
Python |
HITCON CTF Quals 2023. Padding Oracle Attack. Custom padding. Guessing |
| Share |
solve.py |
Python / SageMath |
HITCON CTF Quals 2023. Shamir Secret Sharing. Lagrange interpolation. Chinese Remainder Theorem. multiprocessing |
| Hardware |
Scripts / Programs |
Language |
Purpose |
| HM74 |
solve.py |
Python |
HTB CA 2023. Noisy channel. Hamming codes. Statistically find correct message blocks |
| Misc |
Scripts / Programs |
Language |
Purpose |
| Calibrator |
solve.py |
Python |
HTB CA 2023. Binary search. Euclidean distance |
| Path of Survival |
solve.py |
Python |
HTB CA 2024. Path-finding. Breadth-first Search. Dijkstra's algorithm |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| Control Room |
solve.py |
Python |
HTB CA 2023. 64-bit binary. OOB write. GOT overwrite |
| Crossbow |
solve.py |
Python |
HTB CA 2025. 64-bit binary. OOB. Buffer Overflow. ROP. sys_execve |
| Labyrinth |
solve.py |
Python |
HTB CA 2023. 64-bit binary. Buffer Overflow. Redirecting program execition |
| Gloater |
solve.py |
Python |
HTB CA 2024. 64-bit binary. Heap exploitation. House of Spirit. Overlapping chunks. Tcache poisoning. TLS-Storage dtor_list |
| Maze of Mist |
solve.py |
Python |
HTB CA 2024. 32-bit binary. Buffer Overflow. vDSO ROP. sys_execve |
| Math Door |
solve.py |
Python |
HTB CA 2023. 64-bit binary. Heap exploitation. Heap feng shui. Tcache poisoning. FILE structure attack |
| Oracle |
solve.py |
Python |
HTB CA 2024. 64-bit binary. Heap exploitation. Buffer Overflow. ROP |
| Pandora's Box |
solve.py |
Python |
HTB CA 2023. 64-bit binary. Buffer Overflow. ret2libc |
| Quack Quack |
solve.py |
Python |
HTB CA 2025. 64-bit binary. Buffer Overflow. Canary bypass. Redirecting program execition |
| Void |
solve.py |
Python |
HTB CA 2023. 64-bit binary. Buffer Overflow. ret2dlresolve |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| Refreshments |
solve.py |
Python |
HTB StackSmash CTF. 64-bit binary. Heap exploitation. Off-by-one. Overlapping chunks. Fast Bin attack. Use After Free. calloc |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| AESWCM |
solve.py |
Python |
HTB UniCTF 2022. Custom encryption using AES and XOR |
| Bank-er-smith |
solve.py |
Python / SageMath |
HTB UniCTF 2022. RSA. Known bits. Coppersmith attack |
| Clutch |
solve.py |
Python |
HTB UniCTF 2024. Quantum Criptography. Frame-based Quantum Key Distribution |
| Mayday Mayday |
solve.py |
Python / SageMath |
HTB UniCTF 2023. RSA-CRT. Modular arithmetic. Coppersmith method |
| MSS Revenge |
solve.py |
Python |
HTB UniCTF 2023. Mignotte Secret Sharing. Modular arithmetic. Chinese Remainder Theorem |
| Zombie Rolled |
solve.sage |
SageMath |
HTB UniCTF 2023. Fractions. GCD. RSA signature. Coppersmith method on bivariate polynomial |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| Dead or Alive |
solve.py |
Python |
HTB UniCTF 2024. 64-bit binary. Heap exploitation. House of Spirit. Heap feng-shui. Overlapping chunks. Tcache poisoning. TLS-storage dtor_list |
| Great Old Talisman |
solve.py |
Python |
HTB UniCTF 2023. 64-bit binary. OOB write. Partial GOT overwrite |
| Sacred Scrolls |
solve.py |
Python |
HTB UniCTF 2022. 64-bit binary. Buffer Overflow. ret2libc |
| Spellbook |
solve.py |
Python |
HTB UniCTF 2022. 64-bit binary. Heap exploitation. Use After Free. Fast Bin attack |
| Zombiedote |
solve.py |
Python |
HTB UniCTF 2023. 64-bit binary. Heap exploitation. OOB read and write. Integer Overflow. Floating-point numbers. TLS-storage dtor_list |
| Zombienator |
solve.py |
Python |
HTB UniCTF 2023. 64-bit binary. Heap exploitation. Buffer Overflow. Floating-point numbers. Canary bypass. ret2libc. Oracle |
| Reversing |
Scripts / Programs |
Language |
Purpose |
| Potion Master |
solve.py |
Python |
HTB UniCTF 2022. z3 solution to a set of conditions |
| Web |
Scripts / Programs |
Language |
Purpose |
| BatchCraft Potions |
solve.py |
Python |
HTB UniCTF 2022. GraphQL batching attack. Send XSS and DOM Clobbering payload |
| Breaking Bank |
solve.py |
Python |
HTB UniCTF 2024. Open Redirect. JWKS and JWT forgery. OTP bypass |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| Notepad as a Service |
solve.py |
Python |
ImaginaryCTF 11/07/2022. 75 points. 64-bit binary. Buffer Overflow. ret2libc. Canary and ASLR bypass |
| show-me-what-you-got |
solve.py |
Python |
ImaginaryCTF 08/08/2022. 75 points. 64-bit binary. Format String vulnerability. GOT overwrite |
| Reversing |
Scripts / Programs |
Language |
Purpose |
| xorrot |
solve.py |
Python |
ImaginaryCTF 07/07/2022. 50 points. XOR cipher with rotating key |
| Reversing |
Scripts / Programs |
Language |
Purpose |
| Go Sweep |
solve.go |
Go |
m0lecon CTF 2025 Teaser. Go binary. PRNG. Time-based seed. Threads |
| Binary Exploitation |
Scripts / Programs |
Language |
Purpose |
| seed-sPRiNG |
prng.c |
C |
picoCTF 2019. 350 points. 32-bit binary. PRNG |
| zero_to_hero |
solve.py |
Python |
picoCTF 2019. 500 points. 64-bit binary. Heap exploitation. Null byte poisoning. Tcache poisoning |
| Guessing Game 1 |
solve.py |
Python |
picoCTF 2020 Mini-Competition. 250 points. 64-bit static binary. Buffer Overflow. ROP chain |
| Guessing Game 2 |
solve.py |
Python |
picoCTF 2020 Mini-Competition. 300 points. 32-bit binary. Buffer Overflow and Format String. ret2libc. Bypass ASLR and canary |
| Bizz Fuzz |
find_bof.py
solve.py |
Python
Python |
picoCTF 2021. 500 points. 32-bit binary. Reversing. Long way to a hidden Buffer Overflow. Redirecting program execution |
| filtered-shellcode |
code.asm |
Assembly |
picoCTF 2021. 160 points. 32-bit binary. Custom shellcode |
| Here's a LIBC |
solve.py
solve2.py |
Python
Python |
picoCTF 2021. 90 points. 64-bit binary. Buffer Overflow. ret2libc |
| Stonks |
solve.py |
Python |
picoCTF 2021. 20 points. 32-bit binary. Format String. Memory leaks |
| The Office |
canary.c
solve.py
solve2.py |
C
Python
Python |
picoCTF 2021. 400 points. 32-bit binary. Heap Exploitation. Heap overflow. PRNG. Use After Free |
| Unsubscriptions Are Free |
solve.py |
Python |
picoCTF 2021. 100 points. 32-bit binary. Heap exploitation. Use After Free |
| fermat-strings |
solve.py |
Python |
picoMini by redpwn. 250 points. 64-bit binary. Format String. GOT overwrite and ASLR bypass |
| SaaS |
solve.py |
Python |
picoMini by redpwn. 350 points. 64-bit binary. seccomp rules. Custom shellcode |
| Cryptography |
Scripts / Programs |
Language |
Purpose |
| Sum-O-Primes |
solve.py |
Python |
picoCTF 2022. 400 points. RSA decryption |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| plai_n_rsa |
solve.py |
Python |
SECCON CTF Quals 2023. RSA. Euler totient function |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Farfour Post Quantom |
solve.py |
Python / SageMath |
Securinets Quals 2023. Matrix operations. Modular arithmetic. Shuffling. Solve system of equations |
| PolyLCG |
solve.py |
Python |
Securinets Quals 2023. Modular polynomials |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| scrambler |
solve.py |
Python |
Securinets Finals 2022. 64-bit binary. ROP. ret2libc. GOT overwrite. Stack Pivot. seccomp rules |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Close Enough |
solve.py |
Python |
SEETF 2022. RSA. Wrong implementation |
| Rev |
Scripts / Programs |
Language |
Purpose |
| babyreeee |
solve.py |
Python |
SEETF 2022. Revert encryption algorithm. XOR |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| cryptoGRAPHy 1 |
solve.py |
Python |
SekaiCTF 2023. Graph Encryption Scheme. Key leakage. Decryption |
| cryptoGRAPHy 2 |
solve.py |
Python |
SekaiCTF 2023. Graph Encryption Scheme. Single-Destination Shortest Path. Node degrees |
| cryptoGRAPHy 3 |
solve.py |
Python |
SekaiCTF 2023. Graph Encryption Scheme. Query recovery. Tree isomorphisms |
| Noisy CRC |
solve.py |
Python / SageMath |
SekaiCTF 2023. CRC. Chinese Remainder Theorem. Brute force |
| はやぶさ |
solve.py |
Python / SageMath |
SekaiCTF 2024. Falcon. Lattice attack on NTRU. BKZ. Key recovery attack |
| マスタースパーク |
solve.py |
Python / SageMath |
SekaiCTF 2024. Isogeny-based cryptography. CSIDH. Discrete logarithm. CRT |
| Pwn |
Scripts / Programs |
Language |
Purpose |
| speedpwn |
solve.py |
Python |
SekaiCTF 2024. Uninitialized values. Oracle. FILE structure attack. GOT overwrite |
| Crypto |
Scripts / Programs |
Language |
Purpose |
| Big RSA |
solve.py |
Python |
TeamItaly CTF 2023. RSA. Factorial. Modular arithmetic. Integer division |
| Scrambled Pizzeria |
solve.py |
Python |
TeamItaly CTF 2023. XOR. Permutations and substitutions |