Use a variety of OSINT techniques to solve this room created by the OSINT Dojo.

Link to room HERE.

“The OSINT Dojo recently found themselves the victim of a cyber attack. It seems that there is no major damage, and there does not appear to be any other significant indicators of compromise on any of our systems. However during forensic analysis our admins found an image left behind by the cybercriminals. Perhaps it contains some clues that could allow us to determine who the attackers were?

We’ve copied the image left by the attacker, you can view it in your…


A (free) Canberra-themed open-source intelligence capture the flag contest.


“An intro to SOCMINT (Social Media Intelligence/Investigation) techniques and tooling. Use your awesome OSINT skills to perform an online investigation of a mysterious husband!”

HERE is a link to the room.

Task 1 is just confirming that you understand the rules of the challenge, so let’s move on to Task 2:

Background Information:

You are Aleks Juulut, a private eye based out of Greenland. You don’t usually work digitally, but have recently discovered OSINT techniques to make that aspect of your job much easier. …


A forensic challenge — find out who the owner of the USB stick was and reconstruct their story.

So this blog is a little bit different. Instead of doing a CTF walkthrough, I’m going to be doing a game walkthrough. This is something I found on Steam while I was in my Digital Forensics class and wanted some more practice.

HERE is a link to the game if you are interested in more information.

Basically, the point is to discover why some mysterious person was hanging out at a bridge. …


Cyber Detective CTF is an OSINT-focused CTF created by the Cyber Society at Cardiff University.

There are 40 challenges across 3 streams: General Knowledge, Life Online and Evidence Investigation.

Link HERE.

According to the creators, it should be up indefinitely for anyone who wants to practice their OSINT skills.

It should be noted that I do not have solutions to either ‘leaveamessage’ or ‘readyfortakeoff’. If I figure those out in the future, I will add them.


Fall down the rabbit hole and enter wonderland.

Link to room HERE.

Here is the initial nmap scan:


Room: Advent of Cyber 2

Difficulty: Beginner

This is it — the moment that Elf McEager has been waiting for. It’s the final exam of the Nmap course that he enlisted on during “Day 8 — What’s Under the Christmas Tree?”. It looks like all that hard work of hitting the books has paid off…“Success!” Elf McEager screams… “the exploit worked! Yippeee!”

Elf McEager has successfully managed to create a reverse shell from the target back to his computer. Little did he know, the real exam begins now…The last stage of the exam requires Elf McEager to escalate his privileges…


UTCTF is a Capture the Flag competition created by The Information & Systems Security Society (ISSS) at the University of Texas at Austin.


This room focuses on Geolocating Images. It is designed to be beginner friendly. HERE is a link to the room if you would like to follow along.

To begin with, we start out with reverse image searches. I’m already laughing at the author’s STRONG opinion of Google Image search:

“Yandex is to Google what a formula 1 racing car is to the $200 car you brought off your friend Ivan who claims the car isn’t stolen but you’ve had police tailing you all week.

It really is night and day. There is no comparison to be made. Use Yandex first…


“In this room we will be exploring the discipline of IMINT/GEOINT, which is short for Image intelligence and geospatial intelligence. This room is suited for those of you who are just beginning your OSINT journey or those brand new to the field of IMINT/GEOINT.”

Click HERE for a link to the room.

Task 2: What is the name of the street where this image was taken?

Samantha

CTF Writeups to facilitate cyber education.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store