Paul Hempshall

Website Cyber Security Professional

Free digital forensics CTF challenges

Published: September 5, 2021 11:18 am
Updated: September 9, 2022 4:42 pm

Capture The Flag Write-Up

These are some of my digital forensics / steganography capture-the-flag challenges. They are freely available for personal and non-commercial use. Each section contains a description, download link, and a small write-up with the answer. You can download all the challenges (41.1 MB) if you wish.

Since making these CTF’s I’ve been asked numerous times about how I come up with the ideas. The ideas are a combination of adaptations of known methods and inspiration from TV shows (hacking, spies, etc). One thing I have learned from making these - the less technical, the harder they are.

Table of contents


To The Moon

This person has been storing messages on the blockchain with Bitcoin, but we can't even find their wallet address. All we found was a grumpy cat picture. Find the wallet address to find the flag{}.

Download CTF (294KB)

Bad Blockchain

This new botnet is using blockchain to store backup command-and-control server IP addresses. We’ve extracted the Bitcoin address but it’s not using the traditional OP_RETURN to hide the data. Can you find the IP address?

Download CTF (2KB)


Hit a brick wall

The spare key is usually under the doormat, a plant pot, or a rock…

Download CTF (14KB)

Turtles all the way down

Just an archive of happy turtle pictures.

Download CTF (1.3MB)



The director of this company believes 2 of his employees are sending secret messages using some sort of mathematical code, but the messages seem to be on-topic.

Download CTF (3KB)



This email was intercepted from a compromised webserver. We believe criminals were using it to send secret messages but the message body is vague and does not use PGP encryption.

Download CTF (4KB)


Found in the system32 directory, this .dll file doesn’t do what it says.

Download CTF (174KB)


Elliot’s secret stash

Free stuff is good, but you could be storing something sinister without your consent.

Download CTF (39.3MB)