| Category | Platform | Key Tool | Hint (or suggested tool) |
| OSINT | Open Source Intelligence | ||
| Meta (easy) | browser | Meta Viewer | Jeffrey’s Meta Viewer (http://exif.regex.info/) |
| Lookup (easy) | browser | Web Search | https://tools.ietf.org/html/rfc1035#page-12 |
| Threat intel (easy) | browser | Web Search | google search on questions |
| HTTP (easy) | browser | Web Search | Search on the HTTP request header layout |
| SSL (med) | browser | Web Search | How to View SSL Certificate Details in Each Browser |
| Barcode (med) | browser | Barcode Rdr | https://online-barcode-reader.inliteresearch.com/ |
| Cryptography | Classic Cryptography | ||
| Crypto1 (easy) | browser | Converter | ‘0x’ indicates hex ; remove the ‘0x’ and use a converter |
| Crypto2 (easy) | browser | Converter | Try simple ciphers first (e.g., ROT13, Ceasar, Atbash, Railfence, etc.) |
| Crypto3 (easy) | browser | Converter | All aplha – Try simple ciphers first (e.g., ROT13, Ceasar, Atbash, Railfence) |
| Crypto4 (easy) | browser | Converter | old code used for radio transmission ( created by Samuel M.) |
| Crypto5 (med) | browser | Converter | Try simple ciphers (e.g., ROT13, Ceasar, Atbash, Railfence) |
| Crypto6 (med) | browser | Converter | Try ciphers that use keys (e.g. vignere, etc) |
| Stego1 (easy) | KaIi Linux | strings & grep | Linux String Command: strings <filename> | grep ‘SKY’ |
| Stego2 (med) | Download | DIIT Tool | View hidden colors using…. Digital Invisible Ink Toolkit |
| Stego3 (hard) | browser | ** N/A – Hard challenges are not in scope ** | |
| Stego4 (hard) | browser | ** N/A – Hard challenges are not in scope ** | |
| PW Cracking | Password Cracking | ||
| cracking1 (easy) | Browser or Kali Linux | Crackstation or Hashcat | OPTION#1 – Go to https://crackstation.net/ |
| cracking2 (med) | Kali Linux | Hashcat (dictionary mask) | 1. Copy hashes into a Kali Linux file (e.g., hash.txt) 2. hashcat -m 0 -a 3 <file_name> ‘SKY-HQNT-?d?d?d?d’ |
| cracking3 (med) | Kali Linux | Hashcat (w/wordlist) | 1. create a pokeman wordlist and load to Kali Linux (e.g. pokemon.txt) 2. hashcat <file_name> -m 0 -a 0 <file_name> pokemon.txt |
| cracking4 (med) | Kali Linux | Ophcrack | Windows password cracking (ophcrack runs in Kali Linux and on Windows) |
| cracking5 (hard) | ** N/A – Hard challenges are not in scope ** | ||
| Log Analysis | Log Analysis | ||
| SSH (easy) | Workstation | Notepad | View the file using a text editor, spreadsheet, or notepad |
| Nginx (med) | Kali Linux | cut , sort , uniq | Q1 – cat access.log | cut -d ” ” -f 1 | sort | uniq -c | wc -l Q2&3 – cat access.log | cut -d ‘”‘ -f3 | cut -d ‘ ‘ -f2 | sort | uniq -c | sort -rn |
| History (med) | Browser | SQLite viewer | Use and SQLite viewer then inspect the tables |
| Squid (hard) | ** N/A – Hard challenges are not in scope ** | ||
| NW Traffic | Network Traffic Analysis | ||
| DNS (easy) | Workstation or Kali Linux | Wireshark | Highlight the DNS row, then open the ‘Domain Name System (Query)’ twistie |
| FTP Traffic (easy) | Workstation or Kali Linux | Wireshark | right-click on the first packet in the capture and use the “Follow > TCP Stream” option |
| HTTP (easy) | |||
| Telnet (easy) | |||
| Pandora (hard) | ** N/A – Hard challenges are not in scope ** | ||
| Wireless | Wireless Security | ||
| pcap1 (easy) | Kali Linux | aircrack_ng | See solution document in the practice gym |
| pcap2 (med) | Kali Linux | aircrack_ng | See solution document in the practice gym |
| pcap3 (hard) | ** N/A – Hard challenges are not in scope ** | ||
| Forensics | Forensics (new) | ||
| Version Control (easy) | Kali Linux | git | unzip git_backup.zip git log |
| File Carving (med) | Kali Linux | binwalk | binwalk green_file |
| Scanning | Scanning | ||
| nmap (easy) | Kali Linux | nmap | use the terminal to run nmap ports.cityinthe.cloud nmap -v -T4 -Pn ports.cityinthe.cloud |
| hidden files (med) | Kali Linux | dirbuster | use dirbuster to find hidden directories on the web site |
| Web Exploit | Web Exploitation | ||
| egov (easy) | Browser | Cookies | Developer tools to inspect/update the application tab for ‘Admin’ cookies info |
| metro lottery (med) | Browser | Source | See solution guide |
| metro clinic (hard) | ** N/A – Hard challenges are not in scope ** | ||
| Enumeration & Exploitation | 10. Enumeration & Exploitation | ||
| python1 (easy) | See solution guide | ||
| python1 (easy) | See solution guide | ||
| python1 (med) | See solution guide | ||
| binary1 (med) | See solution guide | ||
| binary2 (hard) | ** N/A – Hard challenges are not in scope ** | ||