Check this twitter channel for news and announcements.


Most recent solves


Any good way of learning anything contains a significant part of actually doing it. Not just reading about it and how it should be done, but really putting this knowledge into action yourself. This is one of the reason CTFs are such great tools for learning. You take a deep dive into a problem, and then applying all the stuff you read by exploiting the vulnerability.

Squeamish Ossifrage started from the mild frustration that when a CTF is over, some of the challenges from this event are either lost or not easily playable anymore. While those that did not play in the particular CTF might stand to learn from and enjoy these challenges when given the chance. And some of these challenges are so much fun, that is a real shame. Personally, I have designed some challenges over the years and feel like they might still be enjoyable.
Now the emphasis with Squeamish Ossifrage is much more on the learning part than on the time-boxed adrenaline-driven competitive part of a CTF. After all, most of these challenges have been used (with maybe different parameters or settings) at CTFs before, so partial solutions for these are most likely easily found. Yes, there is a scoreboard so you can check your personal progress. But also there might be hints or background information with a challenge which you may choose to use or read when solving a challenge.
Again, it is all about offering a fun learning experience to anyone wishing to dive into cryptography and all of its pitfalls.

All flags to be found in the challenges are in the form of so{ <32 hexadecimal charachters> }, e.g. so{e1e8804b13b17f4fa5836240e1dd79ef}.


If you have a nice cryptography challenge you would like to see here, let me know at! I will gladly put it up here with due credits. Also, if you just have an idea, or saw a nice challenge from a CTF, please get in touch.

If you notice information here is incorrect or missing, for example where the challenge author is wrongfully (or not al all) acknowledged, please let me know so I can set the record straight asap.