Yellow Yak CTF

Welcome to the thrilling world of Yellow Yak, where the realms of cybersecurity and adventure collide! The Yellow Yak Capture The Flag (CTF) event beckons you to embark on an electrifying journey through a landscape of digital challenges and cunning puzzles. This is not just an event; it's an expedition into the heart of cybersecurity, where participants will unravel mysteries, crack codes, and conquer obstacles as a united force.

In the spirit of collaboration and camaraderie, Yellow Yak presents a series of challenges that will test your problem-solving skills, strategic thinking, and technical prowess. As you navigate through the labyrinth of cryptic scenarios, each challenge is a stepping stone towards victory, requiring not just individual brilliance but the collective genius of your team.

Prepare to be immersed in an interactive experience where participants, armed with their cybersecurity acumen, must work hand-in-hand to decipher encrypted messages, penetrate digital fortresses, and overcome the intricate puzzles laid out before them. Yellow Yak is more than just a CTF; it's a celebration of teamwork, skill development, and the sheer joy of conquering the cyber frontier.

Gather your team, don your virtual armor, and get ready for a memorable adventure at Yellow Yak. The challenges await, and the thrill of victory is within reach for those who dare to face the unknown in this exhilarating cybersecurity odyssey! May the bytes be ever in your favor, and when you reach a piece of text like


you know that you have found one of the twelve hidden flags.

The Yellow Yak

Tools and equipment

Participating in a Capture The Flag (CTF) event requires a basic set of tools to navigate the challenges presented in the cybersecurity competition.

As this is a beginner level CTF, most tools for exploitation and network level stuff are excluded and the focus is more on lateral thinking and investigative skills:
Web Browser

A standard web browser is often the first tool you'll use. Not only do you need to access the challenges as such and the resources they might link to, but it is also a good idea to search for phrases like "can you hide information in such and such" or "online tool to identify/decrypt this and that".

Text Editor

A text editor is essential for examining and manipulating code, scripts, or any text-based content encountered during challenges. Popular choices include VSCode, Notepad++, Atom, or Sublime Text.

Terminal / Command Line Interface (CLI)

A command-line interface allows you to execute  common commands like 'wget', 'file', 'strings', 'binwalk', 'mv' and custom scripts efficiently. You don't need a dedicated computer for this, but a Kali VM will help in case you would need to install certain software. Understanding basic command-line operations is crucial for many CTF challenges.

Cryptography Tools

Tools such as Cryptool, CyberChef, or online cryptography tools are helpful for deciphering encrypted messages, hashes, or codes encountered in cryptography challenges.

Programming Languages

Proficiency in one or more programming languages is beneficial. Python is often recommended for its versatility and ease of use in scripting, but familiarity with languages like JavaScript, Java, or C may also be advantageous. When encountering an unknown language, Google is your friend.

Steganography Tools

Challenges involving steganography (hidden messages within files) may require tools like Steghide or stegsolve to extract concealed information. Use the clues you have at hand to search for what tool you need at a certain time.

Good eyes and ears

There are clues laid out here and there for each challenge. Sometimes in the description, sometimes in names and even types of certain resources. Look for anomalies, odd wordings and seemingly broken things. And don't be afraid to dig.

Cracking Tool

Tools like John The Ripper can be valuable when encountering a locked resource, with a potentially weak or common (among the top ten thousand) password. 

Multimedia Software

It will be useful to have some common open source software tools for working with files such as images or even sound files. 

The Challenges

Just a Test
Just a test

Testing, testing.

The Curious Rabbit
The Curious Rabbit

A reasonably easy exercise in finding information and tools.

The Sneaky Cows
The Sneaky Cows

An intermediate exercise, where you have to use some forensics skills.

Christmas Greeting
Christmas Greeting

A multi-step challenge, where some lateral thinking is highly required.

Return of the Sneaky Cows
Return of the Sneaky Cows

A challenge where you need to question certain assumptions.

How Did the Story Continue?
How Did the Story Continue?

How hard can it actually be to find the key, or at least a replacement?

Sneaky Cows 3.0
Sneaky Cows 3.0

Cracking, anyone?

That 80's TV Show
That 80's TV Show

A bunch of short episodes, a long time ago. Just listen to that theme song!

Say Hi to Zippy
Say Hi to Zippy

By being virtual, you might to have to accept being stuck in a box sometimes.

A Spade is a Spade
A Spade is a Spade

Sometimes the answer needs some help to surface.

The Elephant in the Room
The Elephant in the Room

Spot is a good dog. A very good dog indeed.
There is one thing, though...


© Copyright 2023 Anders Borlid

AI Website Creator