GitHub Security Lab

Capture The Flag

Do you want to challenge your vulnerability hunting skills? We created these CTF challenges to allow you to do exactly that, while helping you to quickly learn CodeQL.

Closed: Go and don't return

Language: Go - Difficulty level:

This challenge closed on April 1st 12:00 am PST but you can still enjoy it, to practice CodeQL, or just for the fun!

Your mission, should you choose to accept it, is to hunt for a recently identified vulnerability in an object store. This authentication bypass vulnerability enabled attackers to perform admin API operations without knowing the admin secret key.

Using CodeQL, you'll learn how to detect this bug, and also how to generalize your query to catch a diverse range of related bugs.

This challenge is accessible to CodeQL beginners.

Dates: March 05 - March 31

Go capture the flag!

Closed: A call to hacktion, a GitHub workflow CTF

This CTF is a single level challenge based around GitHub Workflow best practices and an interesting vulnerability pattern that GitHub Security teams have seen out in the real world.

To solve the game, you will have to elevate your privileges from read-only to full write access on a designated game repository!

Read the write-up

Past challenges

You can still enjoy these past challenges, to practice CodeQL, or just for the fun!

• CTF 1: SEGV Hunt - Find a critical buffer overflow bug in glibc. Language: C - Difficulty level:
• CTF 2: U-Boot Challenge - Follow in the footsteps of our security research team and discover 13 vulnerabilities un U-Boot. Language: C - Difficulty level:
• CTF 3: XSS-unsafe jQuery plugins - Find variants of jQuery plugins that expose their clients to undocumented XSS (cross-site scripting) vulnerabilities. Language: JavaScript - Difficulty level:
• CTF 4: CodeQL and chill - Find a pre-auth RCE in Netflix Titus. Language: Java - Difficulty level:

Documentation

If you want to learn more about writing CodeQL queries before getting started with these CTF challenges, you may find the following articles and documents useful:

• Introduction to CodeQL
• CodeQL detective tutorials
• Writing a basic CodeQL query for C/C++
• Python code analysis - Introduction to CodeQL

Getting Help

If you find yourself stuck writing in the QL language or on any part of the CTF and would like some help, email us at ctf@github.com