Awesome Windows CTF

01 Nov 2020 in Writeups on Resources, 2020

Where my Windows challenges at?

---

Making something akin to awesome-mobile-ctf but for Windows to curate a list of Windows CTF problems.

Recent Updates

• SSTIC 2021
• Pwn2Win 2021
• Root Me

Pwnables

See Xion’s WinPwn resources for more references on Windows exploitation.

Name	Competition	Writeups	Topics
chatterbox	CSAW CTF 2021 Finals
baby kernel	pbctf 2021		Windows kernelmode
A..Mazing.exe	SSTIC 2021 Challenge	nneonneo	Usermode
pe_analysis (Description)	Pwn2Win CTF 2021	n0ps13d [Epic Leet Team] ptr-yudai [uuunderflow]	Usermode Open source PE file format
Archangel Michael's Storage	HITCON CTF 2020	AngelBoy [HITCON] how2hack [Balsn] Xion [KAIST GoN] (partially solved)	Usermode segment heap
Lucifer	HITCON CTF 2020	AngelBoy [HITCON]	Kernelmode segment heap
BitmapManager	Dragon CTF 2020	j00ru [Dragon Sector] Faith [Perfect Guesser]
LowFunHeap	Hack.lu CTF 2020	Xion [KAIST GoN]	Windows heap exploitation
winsanity	Codegate 2020 Finals	Xion [KAIST GoN]	Userland exploitation
winterpreter	Codegate 2020 Quals	Xion [KAIST GoN]	Userland exploitation
WinKern x64 - Use After Free	Root Me	N/a	Kernel mode
WinKern x64 - Advanced stack buffer overflow - ROP	Root Me	N/a	Kernel mode
dadadb	HITCON 2019 (Quals)	AngelBoy [HITCON]	Windows heap exploitation (segment heap)
Breath of Shadow	HITCON 2019 (Quals)	AngelBoy [HITCON]	KVA Shadow
LazyFragmentationHeap	WCTF 2019	AngelBoy [HITCON]	Windows heap exploitation (LFH)
BabyKernel	Dragon CTF 2019	j00ru [Dragon Sector] slashb4sh [bi0s]
winhttpd	Insomnihack 2019 (Quals)	0daysober	Windows heap exploitation (private heap)
PE32 - Stack buffer overflow basic	Root Me	N/a	Usermode Stack buffer overflow
PE32 - Advanced stack buffer overflow	Root Me	N/a	Usermode Stack buffer overflow
PE32+ Format string bug	Root Me	N/a	Usermode Format string bug
PE32+ Basic ROP	Root Me	N/a	Usermode ROP
elgoog/Searchme	WCTF 2018	j00ru [Dragon Sector]	Windows heap exploitation (PagedPool)
pigdriver	WCTF 2018	r3kapig
Windowsland	HITCON CTF 2018	wmliang
globetrotter	CSAW CTF 2018 Finals	OSIRIS Lab mhackeroni	Heap overflow
StrikeBack	Insomnihack 2018	0daysober
Fastcalc	CONFidence CTF 2017 (Teaser)	chksum[0] 9447
Fastcalc (Hardened)	CONFidence CTF 2017 (Finals)
firewall	CSAW 2017 Quals	OSIRISLab Shell Collecting Club irGeeks
babystack	HITB GSEC 2017	whereisk0shl
babyshellcode	HITB GSEC 2017	babyshellcode
Divided	DEFCON 2017 (Quals)	Securifera
winworld	Insomnihack 2017 (Teaser)	0daysober pasten
easywin	Insomnihack 2017 (Finals)	0daysober
pwn2	AIS3 2017 (Quals)	TastyFeeder
Bubblegum	CONFidence 2016 (Teaser)	j00ru
Entree	CONFidence 2016 (Finals)	j00ru
easier	DEFCON 2016 (Quals)	9447
100percent	Belluminar 2016	leetchicken
thing2	DEFCON 2015 (Quals)	Blackperlsecurity (Part 1/Part 2/Part 3) ??? on Pastebin
drunk	BCTF 2015	rzhou percontation/clockish
VBS	0CTF 2015 (Quals)	seanwupi CVE-2014-6332	CVE-2014-6332 (VBScript/IE)
greenhornd	CSAW 2014 (Quals)	TrailOfBits HackUCF g05u	Stack buffer overflow ROP to defeat ASLR/DEP
Links	CSAW 2014 (Finals)	gaasedelen
Brokenwindow	Power of XX 2014 (Finals)	sweetchip Blackperlsecurity
Breznparadisebugmaschine	Hack.lu CTF 2013	rzhou captf g05u

Reversing

Name	Competition	Writeups	Topics
catharsis	pbctf 2021
Brutal Oldskull	Teaser Dragon CTF 2018	Dragon Sector EmpireCTF
STDIN	Pragyan CTF 2016	superkojiman
Memory	CONFidence 2014	j00ru

Misc

Name	Competition	Writeups	Topics
APT41	KipodAfterFree CTF 2020	Xion