Saiko Labs
CTF Rooms
19 original challenges · 3200 points on the table · 7 categories · Easy → Insane.
19 challenges
A sanity check to confirm your terminal is wired up. Grab the flag and submit it.
The machine only speaks in ones and zeroes. Translate it back.
An intercepted message where every letter was rotated by a fixed amount.
A string that looks encoded... and then encoded again.
A memory dump full of junk hides one human-readable secret.
The developer swore the flag wasn't in the response. Read all of it.
A radio intercept in Morse code.
A live, deployable web box. Launch your own instance, find the auth bypass, and pull the flag.
The image was scrubbed, but nobody checked the EXIF metadata.
A blob encrypted with a single repeating byte. Recover the key, then the text.
A JWT with its algorithm set to 'none'. No key required.
Only coordinates were transmitted. Convert them precisely.
A decompiled validator XORs the flag with a constant. Undo it.
A TCP stream carved from a capture. Reassemble the ASCII payload.
A classic overflow. Compute the exact offset to the return address.
A three-stage obfuscation pipeline. Reverse each stage in order.
A Vigenère cipher whose key was reused and leaked.
Textbook RSA encrypted character-by-character. n is small enough to factor.
A leaked ROP chain whose gadget addresses are ASCII in disguise.