Hackerone has given me the opportunity to throw together some CTF challenges and put them in front of a huge audience and for that I think it has been a pretty cool experience. The problems that I have focused on writing
What makes h1-ctfs so special?
Hackerone hackers are the coolest hackers. They all come from different backrounds and are some of the most contemplative, patient, and interesting people you will meet. Having fostered such a great community, events like h1-ctfs are a joy to put on. The goal of an h1-ctf is to not only to find the best technical talent, but to also find those who are really stellar reporters too. The winners of these events should embrace what it means to be a bug bounty researcher.
The winners for every h1-ctf get a free trip to where ever the h1 event is being held (vegas - 702 and D.C. - 202). This incentive is too good not to give it your all during this competition and when paired with interesting problems, you get some really good work. h1-ctfs capture this work in the writeups we require participants to do so that we can not only see that they solved it, but can communicate their solution with us.
Where are the links to h1-ctf writeups?
I think what I have been most impressed by is the quality of writeups that we receive from contestants. Having to decide the winner is sometimes very difficult as each submission has something that the other does not. After reading over each one again and again, it begins to come clear which ones really stand out as consistently dense with information and explaination. It is not to say an elegant, simple writeup would not fair well, a really good writeup is one that can succinctly describe why a solution works starting with the nuts and bolts of the challenge. I writeup that I thought was really good was Lucio’s challenge 5 writeup.
Where can I go to checkout the problems?
Here is the repo where you can find all of these problems.