smiley (.;,;.) - A student cybersecurity capture-the-flag (CTF) collective.https://ctf.gg/https://ctf.gg/blog/lokaltal/https://ctf.gg/blog/lokaltal/I LOVE WINDOWS ITS AMAZING - Exploiting a race condition in the Windows kernelSun, 15 Feb 2026 00:00:00 GMThttps://ctf.gg/blog/bootkit/https://ctf.gg/blog/bootkit/Leveraging UEFI driver vulnerabilities to pwn Linux + SMM and install a bootkit.Sun, 17 Aug 2025 00:00:00 GMThttps://ctf.gg/blog/smileyctf-2025-infrastructure-postmortem/https://ctf.gg/blog/smileyctf-2025-infrastructure-postmortem/What went wrong and how we fixed itWed, 18 Jun 2025 00:00:00 GMThttps://ctf.gg/blog/tjctf-2025/double-nested/https://ctf.gg/blog/tjctf-2025/double-nested/a fun challenge with multiple layers of filtersSat, 14 Jun 2025 00:00:00 GMThttps://ctf.gg/blog/tjctf-2025/beginner-web/https://ctf.gg/blog/tjctf-2025/beginner-web/web compilationsSat, 14 Jun 2025 00:00:00 GMThttps://ctf.gg/blog/tjctf-2025/https://ctf.gg/blog/tjctf-2025/A collection of TJCTF 2025 writeupsSat, 14 Jun 2025 00:00:00 GMThttps://ctf.gg/blog/tjctf-2025/misc/https://ctf.gg/blog/tjctf-2025/misc/web compilationsSat, 14 Jun 2025 00:00:00 GMThttps://ctf.gg/blog/b01lersctf-2025/no-code/https://ctf.gg/blog/b01lersctf-2025/no-code/why json isn't the future of web frameworksSun, 27 Apr 2025 00:00:00 GMThttps://ctf.gg/blog/b01lersctf-2025/https://ctf.gg/blog/b01lersctf-2025/A collection of b01lersCTF writeupsMon, 21 Apr 2025 00:00:00 GMThttps://ctf.gg/blog/b01lersctf-2025/musicplayer/https://ctf.gg/blog/b01lersctf-2025/musicplayer/rce gadgeting speedrunMon, 21 Apr 2025 00:00:00 GMThttps://ctf.gg/blog/wolvctf-2025-wasm4/https://ctf.gg/blog/wolvctf-2025-wasm4/wasm jailing the unintended wayMon, 24 Mar 2025 00:00:00 GMThttps://ctf.gg/blog/zig-binary-golfing/https://ctf.gg/blog/zig-binary-golfing/How small of a binary can we make zig generate?Wed, 29 Jan 2025 00:00:00 GMThttps://ctf.gg/blog/debugging-gdb-autocomplete/https://ctf.gg/blog/debugging-gdb-autocomplete/Figuring out why GDB autocomplete suddenly stopped working.Mon, 13 Jan 2025 00:00:00 GMThttps://ctf.gg/blog/lakectf-2024-quals/https://ctf.gg/blog/lakectf-2024-quals/LakeCTF 2024 Quals: a heap overflow exploit in a C++ calculator program and a multi-stage web proxy bypass leveraging URL parsing quirks.Sun, 08 Dec 2024 00:00:00 GMThttps://ctf.gg/blog/blockctf-2024/https://ctf.gg/blog/blockctf-2024/We speedran BlockCTF 2024 and placed 1st. Here are the writeups for all of our solves.Thu, 14 Nov 2024 00:00:00 GMThttps://ctf.gg/blog/dynamic-linking/https://ctf.gg/blog/dynamic-linking/Understanding how Linux loads dynamic libraries through program interpreters, dynamic segments, and dependency resolution.Tue, 12 Nov 2024 00:00:00 GMThttps://ctf.gg/blog/hackluctf-2024-blazing-fast-workout-planner/https://ctf.gg/blog/hackluctf-2024-blazing-fast-workout-planner/Exploiting a use-after-free vulnerability in Rust std::iter::RepeatN with Rc to achieve arbitrary read/write and RCE through libc cancellation handlers.Fri, 25 Oct 2024 00:00:00 GMThttps://ctf.gg/blog/ctf-bingo/https://ctf.gg/blog/ctf-bingo/A tongue-in-cheek look at common CTF challenge patterns and tropes that make us roll our eyes.Sun, 13 Oct 2024 00:00:00 GMThttps://ctf.gg/blog/hi-guys/https://ctf.gg/blog/hi-guys/We finally have a website!Sun, 13 Oct 2024 00:00:00 GMThttps://ctf.gg/blog/buckeyectf-2024-gentleman/https://ctf.gg/blog/buckeyectf-2024-gentleman/Exploiting a format string vulnerability and arbitrary file upload in a Python typing game to achieve remote code execution.Wed, 02 Oct 2024 00:00:00 GMT