Recent Releases of malwarectf

malwarectf -

This release contains the first version of the academic paper:

📄 CTF Security: Hidden threats in Capture The Flag challenges
by Alessandro Nessi & Alessandro Rebecchi
📅 March 2025


🧠 Abstract

This research investigates the potential presence of malware in CTF (Capture The Flag) challenges, with a focus on binary challenges from crackmes.one. A virtualized and isolated testbed was deployed using Proxmox and WireGuard VPN with a strict network policy and snapshot-based rollback system.

Suspicious challenges were collected via Selenium-based web scraping and filtered by keywords in user comments. Dynamic and static malware analysis (with Procmon, Wireshark, Strings, and Ghidra) was conducted. Although some samples were flagged by VirusTotal, no evidence of actual malware was found.


🛠️ Technologies used:

  • Proxmox VE
  • WireGuard & Mullvad VPN
  • Windows 11 & Debian 12 virtual machines
  • VirusTotal, Procmon, Wireshark, Ghidra
  • Python + Selenium for automation

📦 Files included:

  • CTF_Security_Paper.pdf: Final compiled PDF version of the paper.
  • CTF_Security.pdf: Slides for the presentation of the project.

📢 This release is for archival and public sharing purposes. Please cite appropriately if used in academic or professional contexts.

Published by daspolo 11 months ago