This category gathers Capture The Flag (CTF) writeups and step-by-step solutions to cybersecurity challenges. The content is aimed at practitioners and students who want to see how real competition challenges are solved, from initial reconnaissance to full incident reports. Articles cover phishing and forensics, infrastructure and attack-chain analysis, social engineering and threat-actor methodology, and incident response reporting in the formats used by professional SOC and IR teams. Challenges are often based on real campaigns or scenarios (e.g. Guardia CTF), so the writeups double as references for analysts working on similar investigations.
GCTF 2025 - Case Challenge Writeup
Detailed writeup of a realistic phishing investigation challenge created for the 2025 Guardia CTF competition, co-organized at Guardia Cybersecurity School. The challenge simulates a real-world incident response scenario in which participants act as elite cybersecurity analysts investigating a suspicious URL disseminated within GuardiaCorp’s internal networks. Based on an actual phishing campaign encountered during security operations, the challenge requires creating a comprehensive forensic report describing the attacker’s methodology and techniques. The 5-hour CTF challenge involves analyzing the phishing infrastructure starting from the entry point URL (https://case.gctf.tech#jhubert@gmail.com), tracing the attack chain, identifying social engineering tactics, examining malicious payloads, and documenting findings in a professional incident response report format. The writeup demonstrates practical phishing analysis techniques, including URL inspection, infrastructure reconnaissance, and threat actor methodology identification, that are essential for SOC analysts and incident responders.