CTFFactory Cyber Foundations
Foundation-level certification covering essential CTF and cybersecurity skills across cryptography, forensics, encoding, and logical reasoning.
CTF Methodology, Simple Artifacts and Proof of Solve
No cards in this course yet.
Encoding, Decoding, Classical Cryptography and Light Automation
Reverse engineering protocol
Custom encoding
Time puzzle
XOR Chain Obfuscation Reversal: Sequential Key Recovery and Position-Derived Key Derivation Analysis
Recovering RSA Private Keys from Malformed Signatures via Fault Injection
Detecting Length-Extension and Forgery Flaws in Custom MAC Implementations
JWT Algorithm Confusion Attack: Exploiting Key Confusion and Asymmetric Misuse
Breaking Monoalphabetic Substitution Ciphers via Frequency and N-Gram Analysis
Exploiting ECDSA Nonce Reuse to Recover Private Keys via Shared k Values
Linear Congruential Generator Cryptanalysis: Parameter Recovery and State Prediction
Timestamp-Seeded PRNG Exploitation: Predicting and Reproducing Time-Based Random Output
bcrypt Pepper Exposure Analysis: Reconstructing Hash Inputs from Leaked Secret Values
MD5 Collision Generation and Exploitation: Crafting Identical-Hash Inputs for Integrity Bypass
CSRF Token Forgery (Static Artifact): Cross-Origin State-Changing Request Without Token Validation
Non-Expiring Refresh Token (Static Artifact): Indefinite Session Abuse via Missing Token Revocation
X-Forwarded-For Bypass (Static Artifact): Header Manipulation for IP-Based Access Control Defeat
one_gadget Exploitation: Single libc Shell Gadget Identification and Constraint-Satisfying Invocation
Introduction to File and Network Forensics
EXIF metadata
Hidden ZIP in image
Steganography
Corrupted archive
Cloud Instance Metadata Credential Theft: IMDS Exploitation for IAM Role Token Extraction
Email-to-Pastebin OSINT Pivot: Address-Based Identity Tracing to Exposed Secret Discovery
Type Confusion Exploitation: C++ Vtable Misdirection and Union-Based Memory Reinterpretation for Code Execution
IMDS SSRF to IAM Credential Theft: Metadata Endpoint Exploitation for Role Hijacking
Lambda-to-Secrets-Manager Privilege Chain: Function Role Exploitation for Secret Retrieval
Terraform State-to-AWS Pivot: Credential Extraction Chain from Leaked State to Live Resources
CTFFactory Cyber Foundations — CTF Practitioner
Foundation credential — awarded upon completion