-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathctf.html
More file actions
71 lines (67 loc) · 4.33 KB
/
ctf.html
File metadata and controls
71 lines (67 loc) · 4.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="styles.css">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&family=JetBrains+Mono:wght@400;500&display=swap" rel="stylesheet">
<title>Nuno Sabino - Capture-the-flag Competitions</title>
</head>
<body>
<header class="site-header">
<nav class="site-nav">
<span class="site-name mono">nuno@sabino ~ $</span>
<div class="nav-links">
<a href="index.html">Home</a>
<a href="research.html">Research</a>
<a href="#" class="nav-active">Capture-the-flag Competitions</a>
</div>
</nav>
</header>
<main class="container">
<div class="profile-photo-frame" aria-label="Nuno Sabino"></div>
<h2>About</h2>
<p>I regularly participated in capture-the-flag competitions over the years as a member of <a href="https://ctftime.org/team/34619">STT</a>. I usually focus on solving cryptography or web challenges.</p>
<p>I was one of the team captains of Team Europe, and won <a href="https://www.enisa.europa.eu/topics/education/international-cybersecurity-challenge-icc/team-europe-icc2022">ICC</a>. Now I get invited to create cryptography challenges for the new candidates, since I am too old to participate as a player 😢.</p>
<h2>Writeups</h2>
<ul class="writeup-list">
<li><a href="https://sectt.github.io/writeups/HTB24/README">Clutch - HTB</a></li>
<li><a href="https://sectt.github.io/writeups/ASIS24-quals/Clement/README">Clement - ASIS CTF</a></li>
<li><a href="https://sectt.github.io/writeups/Plaid21/crypto_fakemedalion/README">Fake Medallion - Plaid CTF</a></li>
<li><a href="https://sectt.github.io/writeups/GoogleCTF20/crypto_yafm/README">YAFM - Google CTF</a></li>
</ul>
<h2>Tools</h2>
<ul class="tool-list">
<li>
<a href="https://github.com/icemonster/symbolic_mersenne_cracker">Symbolic Mersenne Cracker</a>
A tool that models the Mersenne Twister function as a Z3 program and is able to predict the next bits coming out of Python's RNG given just a few bits.
</li>
<li>
<a href="https://github.com/NodeMedicAnalysis/NodeMedic-FINE">NodeMedic-FINE</a>
Uses dynamic taint analysis to detect arbitrary command injection and arbitrary code execution vulnerabilities in Node.js packages — and it automatically synthesizes exploits!
</li>
<li>
<a href="https://github.com/icemonster/SWIPE">SWIPE</a>
Uses fuzzing and symbolic execution (on a browser modified to run taint analysis) to detect DOM-XSS vulnerabilities in web pages.
</li>
</ul>
<h2>Awards</h2>
<p>Over the years I won multiple awards (usually in teams) in several different CTF competitions, including:</p>
<ul class="award-list">
<li><a href="https://www.cmuportugal.org/media/nuno-sabino-leads-team-europe-to-victory-in-the-international-cybersecurity-challenge/">Led team Europe in ICC 2022 (1st place)</a></li>
<li><a href="https://visao.sapo.pt/exameinformatica/noticias-ei/internet/2021-09-23-sao-jovens-hackers-e-vao-defender-as-cores-de-portugal-no-europeu-de-ciberseguranca/">Led team Portugal in ECSC (7th place)</a></li>
<li><a href="https://tecnico.ulisboa.pt/pt/noticias/campus-e-comunidade/stt-qualifica-se-pela-quarta-vez-consecutiva-para-a-final-de-uma-das-mais-importantes-competicoes-de-seguranca-informatica/">CSAW Quals 2020 (5th place)</a></li>
<li><a href="https://tecnico.ulisboa.pt/en/news/campus-community/stt-among-the-six-best-teams-in-the-world-at-csaw19-qualifying-round/">CSAW 2019 (2nd place)</a></li>
<li><a href="https://tecnico.ulisboa.pt/pt/noticias/campus-e-comunidade/stt-alcanca-resultados-historicos-em-duas-das-maiores-competicoes-internacionais-de-seguranca-informatica/">CSAW 2018 (3rd place)</a></li>
</ul>
<p>To name a few. Anyway, yeah, I love to play CTFs!</p>
</main>
<footer class="site-footer">
<nav>
<a href="index.html">Home</a>
<a href="research.html">Research</a>
<a href="#" class="nav-active">Capture-the-flag Competitions</a>
</nav>
</footer>
</body>
</html>