0PricingLogin
Cyber Security Academy · Lesson

Web and Crypto Challenges

Solving common web and crypto puzzles.

Two Pillars: Web and Crypto

Web and crypto are the two most common entry points into CTF.

  • Web challenges hand you a running web application and ask you to find a flaw in how it handles input, authentication, or trust.
  • Crypto challenges hand you ciphertext, a scheme, and sometimes source code, and ask you to recover plaintext or a key by exploiting a flaw in how the cryptography was used.

Both reward methodical observation. This lesson covers the recurring puzzles in each.

First Move on a Web Target

Before exploiting anything, map the application. View the source, inspect responses, and probe hidden content.

# Inspect raw response headers and body
curl -i http://target/

# Look for hidden paths the UI does not link to
gobuster dir -u http://target/ -w wordlist.txt

# Common files worth checking by hand
# /robots.txt  /.git/  /backup.zip  /admin

All lessons in this course

  1. CTF Categories and Mindset
  2. Web and Crypto Challenges
  3. Reversing and Pwn Basics
  4. Tooling and Writeups
← Back to Cyber Security Academy