Get Involved
Capture the Flag
Ready to hone your vulnerability hunting skills? Dive into our CodeQL CTF challenges designed to sharpen your abilities while mastering CodeQL.
Go and don’t return
Closed
Start Date
March 5, 2021
Deadline
March 31, 2021
Language
Go
Difficulty
Your mission, should you choose to accept it, is to hunt for a
recently identified vulnerability in an object store. This
authentication bypass vulnerability enabled attackers to perform
admin API operations without knowing the admin secret key.
View challenge
A call to hacktion, a GitHub workflow CTF
Closed
Start Date
March 17, 2021
Deadline
March 17, 2021
Language
GitHub Actions
Difficulty
This CTF is a single level challenge based around GitHub
Workflow best practices and an interesting vulnerability pattern
that GitHub Security teams have seen out in the real world.
View challenge
Closed
Find variants of jQuery plugins that expose their clients to
undocumented XSS (cross-site scripting) vulnerabilities.
Language
JavaScript
Difficulty
Closed
Follow in the footsteps of our security research team and discover
13 vulnerabilities un U-Boot.
Language
C
Difficulty
Resources
Documentation
If you want to learn more about writing CodeQL queries before
getting started with these CTF challenges, take a look at these
articles.
Help
If you find yourself stuck writing in the QL language or on any
part of the CTF and would like some help, drop us a line.
To keep this community open and welcoming, please read our
Code of Conduct.