01
Caesar's Secret
Easy
100 pts
✓ Solved
Julius Caesar used a simple substitution cipher to protect his messages — shift each letter by a fixed number of positions in the alphabet. The intercepted message below was encrypted with a shift of 3. Decrypt it to find the flag.
Encrypted Message
ZKH SDVVZRUG LV: FDHVDUFLSKHU
Caesar Cipher Decoder — try different shifts
Output will appear here...
ROT13 is a special case of Caesar cipher with shift 13. For shift 3: A→D, B→E, C→F. To decrypt, go backwards: shift -3, or shift 23 forward. Try shift 23 in the decoder above.
✓ What You Learned
Caesar cipher is one of the oldest known encryption methods (~100 BC). It's a substitution cipher — every letter is replaced by another. It's trivially crackable today (only 25 possible keys), but it introduces the core idea of symmetric encryption: the same key (shift value) encrypts and decrypts. Modern encryption uses the same principle but with astronomically larger key spaces.
02
Encoded Intelligence
Easy
100 pts
✓ Solved
An analyst found this string in a suspicious email attachment. It's not encrypted — just encoded. Decode it to reveal the hidden flag. Base64 is commonly used to embed binary data in text, and attackers sometimes use it to obfuscate payloads.
Encoded String
RkxBR3tiYXNlNjRfaXNfbm90X2VuY3J5cHRpb259
Base64 Decoder
Output will appear here...
Base64 strings often end with = or == padding characters. You can use the decoder tool above — paste the entire encoded string in.
✓ What You Learned
Base64 is encoding, not encryption. There's no key — anyone can decode it instantly. Attackers use it to bypass basic content filters that look for obvious malicious strings. Seeing Base64 in an unexpected place (email attachments, URL parameters, scripts) is a red flag worth investigating. This is why security analysts need to recognize and decode common encodings quickly.
03
Read the Source
Easy
150 pts
✓ Solved
Developers sometimes accidentally leave sensitive information in HTML comments. This page contains a hidden flag — but not where you can see it. Use your browser's developer tools to inspect the source code of this very page and find it.
Hint
Open your browser developer tools and look in the HTML. The flag is right there — you just can't see it in the rendered page.
Press Ctrl+U (Windows/Linux) or Cmd+Option+U (Mac) to view the raw HTML source. Then use Ctrl+F to search for "FLAG{" — it's in an HTML comment.
✓ What You Learned
HTML comments are invisible to users but fully visible to anyone who views the source code. Real-world examples of data exposed in source code include API keys, passwords, internal IP addresses, and staging environment URLs. Security professionals routinely check page source during reconnaissance. Never put anything in an HTML comment you wouldn't put in a billboard.
04
Binary Breakdown
Medium
200 pts
✓ Solved
A network packet was captured and the payload was extracted as binary. Convert the binary to ASCII text to reveal the hidden message and find the flag. Each group of 8 bits represents one character.
Binary Payload
01000110 01001100 01000001 01000111 01111011 01100010 01101001 01101110 01100001 01110010 01111001 01011111 01101001 01110011 01011111 01100010 01100001 01110011 01101001 01100011 01111101
Binary → ASCII Converter
Output will appear here...
Each group of 8 binary digits (a byte) maps to one character in the ASCII table. 01000110 = 70 decimal = 'F'. Try the converter tool above — paste the full binary string in.
✓ What You Learned
Computers store all data — text, images, passwords — as binary. Understanding the relationship between binary, decimal, hex, and ASCII is foundational to network analysis, malware analysis, and cryptography. Network analysts read packet captures (like Wireshark output) where payloads appear as hex or binary. Being able to decode these quickly is a core analyst skill.
05
Hash Hunt
Hard
300 pts
✓ Solved
During a forensics investigation, a password hash was recovered from a compromised system. Identify the hash algorithm by its length and format, then crack it — it hashes a common 4-letter word. The flag is the cracked password wrapped in FLAG{}.
Recovered Hash
1f3870be274f6c49b3e31a0c6728957f
Hash Identifier — length & format analysis
Hash Length
32 hex chars
Bit size
128 bits
Likely Algorithm
???
Word Hash Tester — hash a word and compare
Type a word above to see its MD5 hash
A 32-character hex hash is almost always MD5. The target word is a 4-letter animal commonly associated with the color blue. Try hashing common words using the tool above and comparing to the recovered hash.
✓ What You Learned
You just performed a manual dictionary attack — the same technique tools like hashcat use, but by hand. MD5 produces a 32-character hex string (128 bits). You identified the algorithm by its output length, then cracked it by hashing candidate words until you found a match. This is exactly how credential databases get cracked after a breach: dump the hashes, run a wordlist, collect plaintext passwords.