MalwareTheFlag

Capture The Flag competitions are great opportunities to learn new techniques. Most CTF competitions, however, are focused on penetration testing. This is good, but reverse engineers and malware analysts can also benefit from CTF challenges that are focused on their area of expertise. The MalwareTheFlag team aims to create challenges that are based upon techniques that are found in malware samples.

What is MalwareTheFlag

The MalwareTheFlag team’s goal is to create challenges for CTF competitions that also want to focus on malware analysis related challenges. This can range from e-mail related challenges, to challenges that require a more in-depth analysis. All challenges have the goal to teach how certain concepts are used in malware samples in the wild.

MalwareTheFlag’s rule set

Not all CTF challenges are considered good, as some require the user to use guess specific parts of the challenge, rather then deducing the next step based upon the clues within the challenge. We strive to produce high quality challenges at all times. As such, the MalwareTheFlag team adheres to a certain set of rules when creating challenges.

  • Challenges must be based upon techniques that have been found in malware samples in the wild
  • To solve a challenge, one only has to use the provided files
  • All challenges can be solved without an internet connection
  • Challenges must be solvable by deduction, not guessing
  • Published write-ups also include a rationale to fully explain how and why the challenge was created

Who are part of MalwareTheFlag?

The MalwareTheFlag team was founded by me on the fourth of May 2020. The team consists of Kaido, B1nary, and myself, although curated guest submissions are also accepted. Danus created a guest submission, which was used in iHack2020’s classic CTF.

MalwareTheFlag’s track record

All CTFs that used one or more challenges that were made by the MalwareTheFlag team, are given below. The list is given in chronological order, starting with the most recent entry.

Contact us

If you want to join our team or submit a challenge as a guest, please get in touch with me via the contact details below. CTF organisers that want to get in touch with us can use the same contact information.


To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit or DM me on Twitter @LibraAnalysis.