◢ Community Notes & Writeups

Shared knowledge from Islander Cyber Society members

Knowledge Base

This is our community knowledge dump—a collection of tips, tricks, writeups, and useful scripts contributed by team members. Whether you solved a tricky challenge, found a useful tool, or learned a new technique, share it here to help others learn.

Note: This page contains community-contributed content. Notes may be rough, unpolished, or work-in-progress. Think of it as our collective brain dump—practical knowledge in its rawest form.

Browse by Category

◢ Web Exploitation

SQL injection, XSS, SSRF, authentication bypasses

◢ Binary Exploitation

Buffer overflows, ROP, heap exploitation

◢ Cryptography

RSA attacks, classical ciphers, crypto implementations

◢ Reverse Engineering

Assembly analysis, decompilation, malware analysis

◢ Forensics

Steganography, file analysis, memory forensics

◢ Miscellaneous

OSINT, scripting, general tips and tricks

◢ Web Exploitation

SQL Injection Quick Reference

Contributed by Team Member • Quick Tips

Common SQL injection payloads and techniques that work in most CTF challenges.

# Basic injection test

' OR '1'='1

' OR 1=1--

admin'--

# Union-based extraction

' UNION SELECT NULL,NULL,NULL--

' UNION SELECT username,password FROM users--

Tags: SQL, injection, web, beginner

XSS Bypass Techniques

Contributed by Team Member • Tips & Tricks

Ways to bypass common XSS filters and WAFs in CTF challenges.

  • Try different event handlers: onerror, onload, onfocus
  • Case variation: <ScRiPt>
  • Encoding: URL encoding, HTML entities, Unicode
  • Alternative tags: <img>, <svg>, <iframe>
  • Break up keywords: <scr<script>ipt>

Tags: XSS, javascript, web, bypass

More web exploitation notes coming soon. Contribute your own!

◢ Binary Exploitation

pwntools Template Script

Contributed by Team Member • Useful Script

Basic pwntools template for binary exploitation challenges.

from pwn import *

context.binary = './binary'

p = process('./binary')

# p = remote('host', port)

p.interactive()

Tags: pwn, python, template, pwntools

More binary exploitation notes coming soon. Contribute your own!

◢ Cryptography

Common Encoding Recognition

Contributed by Team Member • Quick Reference

Quick guide to recognizing common encodings in CTF:

  • Base64: Ends with = or ==, alphanumeric with +/
  • Hex: Only 0-9 and a-f characters
  • Base32: Only A-Z and 2-7, ends with =
  • ROT13: Readable words but scrambled
  • Binary: Only 0s and 1s
  • URL encoding: Contains %XX sequences

Tags: crypto, encoding, recognition, beginner

More cryptography notes coming soon. Contribute your own!

◢ Reverse Engineering

Reverse Engineering Notes

No contributions yet. Be the first to share!

◢ Forensics

Forensics Notes

No contributions yet. Be the first to share!

◢ Miscellaneous

General CTF Tips

Contributed by Team Member • Tips & Tricks

  • Always check file headers with file command
  • Use strings on any binary file
  • Check source code in web pages (Ctrl+U)
  • Look for hidden comments in HTML/source code
  • Try common passwords: admin, password, 123456
  • Check robots.txt on web challenges
  • Use CyberChef for quick encoding/decoding

Tags: general, tips, beginner, misc

◢ Competition Writeups

Detailed writeups from past CTF competitions. Learn how challenges were solved and techniques that worked.

Competition Writeups Coming Soon

After each competition, we'll share detailed writeups of challenges we solved. These will include step-by-step solutions, tools used, and lessons learned.

Contribute a Writeup

◢ How to Contribute

Share Your Knowledge

Found a useful technique? Solved a tough challenge? Discovered a great tool? Share it with the community! Your contributions help everyone learn and improve.

What to Contribute

  • Challenge Writeups: Step-by-step solutions to interesting challenges
  • Quick Tips: Short techniques or tricks that worked for you
  • Tool Guides: How to use specific tools effectively
  • Useful Scripts: Automation scripts or helper code
  • Competition Writeups: Detailed analysis from CTF competitions
  • Lessons Learned: What worked, what didn't, and why

How to Submit

  1. Write your content in Markdown format
  2. Include challenge category, difficulty, and relevant tags
  3. Add code snippets, screenshots, or diagrams if helpful
  4. Submit via GitHub (link TBD) or contact team leadership
  5. Your contribution will be reviewed and added to this page

Contribution Guidelines

  • Content can be rough/informal—perfection not required!
  • Credit the original challenge/competition if applicable
  • Don't share flags for active/ongoing competitions
  • Focus on technique and methodology, not just solutions
  • Be respectful and constructive in all contributions
Contact to Contribute