These notes are public, opinionated, and evolving — read abdelkader.ma for the long-form posts.
CTF NotesOverview

CTF Notes

CTFs are where I sharpen the instincts I use in real engagements. The notes here are what I keep wishing I had open in a tab while playing.

Pages

Reading order on a new challenge

  1. Read the description twice. Note every noun.
  2. Open every URL in the description (forgotten asset → easy flag).
  3. Read source if provided. Read carefully — the bug is usually in the file the author added.
  4. Try the cheap path first: known CVEs of the stack version.
  5. Then the medium path: business-logic abuse.
  6. Then the creative path: anything off-by-one in the constraints.
Recon ChecklistWeb Challenge Methodology