Resources & Tools
Every challenge in this CTF can be solved in your browser β no terminal, no installs, no downloads. When a challenge says "Need a tool for this?", this is the page it means.
Below are free, open-source / browser-based tools grouped by what you're trying to do. Pick the row that matches your task.
π View a page's source code
See the raw HTML behind any web page β including comments and content that isn't shown on screen.
- view-page-source.com β paste a URL and read its full source in your browser.
Built into your browser too: right-click a page β View Page Source (or press Ctrl+U / β+β₯+U). Press F12 (or right-click β Inspect) to open Developer Tools and explore the live page, its elements, and stored cookies.
π Send or inspect network requests (headers, cookies, methods)
Craft an HTTP request with custom headers, cookies, or methods and see exactly what comes back β things a normal browser address bar won't let you do.
- reqbin.com β build and send HTTP requests (GET/POST, custom headers, etc.) right from the browser and read the full response.
π Encode, decode & work with ciphers
A single Swiss-army tool that handles almost everything in the Cryptography category β Base64, hex, ROT/Caesar, VigenΓ¨re, XOR β and more. You build a "recipe" by stacking operations, which is perfect for anything that's been transformed more than once.
- CyberChef β "the Cyber Swiss Army Knife." Drag operations into the recipe pane; it also extracts EXIF metadata from images and detects file signatures / magic bytes.
#οΈβ£ Identify an unknown hash
Not sure what kind of hash you're looking at? Identify the algorithm first, then decide how to attack it.
- hashes.com hash identifier β paste a hash and it tells you the likely algorithm(s).
General tips
- Read the whole page. Challenge pages often hide what you need in source comments, element attributes, response headers, or metadata β not in the visible text.
- Stuck? Every challenge has hints you can unlock from the challenge itself. Some are free; some cost a few points.
- Flags always look like
CTF{...}. Submit them exactly as found unless the challenge specifies a format.