菜单
Solve CTF challenges by analyzing files, connecting to services, and applying exploitation techniques. Orchestrates category-specific CTF skills.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
| name | solve-challenge |
| description | Solve CTF challenges by analyzing files, connecting to services, and applying exploitation techniques. Orchestrates category-specific CTF skills. |
| user-invocable | true |
| argument-hint | [challenge description, URL, or category] |
| allowed-tools | ["Bash","Read","Write","Edit","Glob","Grep","Task","WebFetch","WebSearch"] |
You're an expert CTF player. Your goal is to solve the challenge and capture the flag. Be aggressive and creative — try multiple approaches quickly.
challenges/<category>/<challenge-name>/ with README.md and files/nc), read source code.agents/skills/ctf-<category>/SKILL.mdstrings, file, xxd, view source, check robots.txt, try default credssolve.py with working solutionflag.txt, print clearlyRead skill files for detailed techniques: .agents/skills/ctf-<category>/SKILL.md
| Category | Skill | When to Use |
|---|---|---|
| Web | ctf-web | XSS, SQLi, SSTI, SSRF, JWT, file uploads, auth bypass, prototype pollution |
| Reverse | ctf-reverse | Binary analysis, game clients, obfuscated code, VMs, anti-debug |
| Pwn | ctf-pwn | Buffer overflow, format string, heap, kernel, ROP, race conditions |
| Crypto | ctf-crypto | RSA, AES, ECC, ZKP, PRNG, classical ciphers, Z3 solving |
| Forensics | ctf-forensics | Disk images, memory dumps, PCAP, event logs, file carving |
| OSINT | ctf-osint | Social media, geolocation, DNS, username enumeration |
| Malware | ctf-malware | Obfuscated scripts, C2 traffic, PE/NET analysis, protocol reversing |
| Misc | ctf-misc | Encodings, jail escapes, SDR/RF, QR codes, esolangs, floating point |
| Stego | ctf-stego | Image/audio steganography, LSB, spectrograms, hidden data |
| Recon | ctf-recon | Port scanning, service enumeration, web directory fuzzing |
# Connect and interact
nc host port
echo -e "answer1\nanswer2" | nc host port
curl -v http://target/
curl -s http://target/ | grep -i flag
# Find flags in files
strings * | grep -iE "(flag|ctf)\{"
grep -rn "flag{" . && grep -rn "CTF{" .
find . -name "flag*" 2>/dev/null
# File analysis
file *; binwalk *; exiftool *
xxd suspicious_file | head -20
$ARGUMENTS
Cryptography techniques for CTF challenges. Use when attacking encryption, hashing, ZKP, signatures, or mathematical crypto problems.
Digital forensics and blockchain analysis for CTF challenges. Use when analyzing disk images, memory dumps, event logs, network captures, or cryptocurrency transactions.
Malware and network analysis techniques for CTF challenges. Use when analyzing obfuscated scripts, malicious packages, custom protocols, or C2 traffic.
Miscellaneous CTF challenge techniques. Use for trivia, automation scripts, encoding puzzles, RF/SDR signal processing, or challenges that don't fit other categories.
Open Source Intelligence techniques for CTF challenges. Use when gathering information from public sources, social media, geolocation, or identifying unknown data.
Binary exploitation (pwn) techniques for CTF challenges. Use when exploiting buffer overflows, format strings, heap vulnerabilities, race conditions, or kernel bugs.