meow

5 files changed, 36 insertions, 4 deletions

diff --git a/ctf/crypto.md b/ctf/crypto.md
index 7ff4bd2..f1b061d 100644
--- a/ctf/crypto.md
+++ b/ctf/crypto.md
@@ -5,6 +5,8 @@ title: some notes on cryptography
 
 # cryptography
 
+## practice
+
 - [cryptohack](https://cryptohack.com)
 - [cryptopals](https://cryptopals.org)
 
diff --git a/ctf/index.md b/ctf/index.md
index bf2cdd4..aaf7d94 100644
--- a/ctf/index.md
+++ b/ctf/index.md
@@ -11,8 +11,21 @@ title: ctf
 
 # all my knowledge about capture the flag
 
-[capture the flag](https://en.wikipedia.org/wiki/Capture_the_flag_(cybersecurity)) is a wonderful activity in which one gets together with a merry band of friends to solve puzzles for the sake of solving puzzles and learning things. such puzzles are often security-related.
+[capture the flag](https://en.wikipedia.org/wiki/Capture_the_flag_(cybersecurity)) is a wonderful activity in which one gets together with a merry band of friends to solve puzzles for the sake of solving puzzles and learning. such puzzles are often security-related.
 
-capture the flag competitions ("ctfs") are hosted by established teams, or organizations, or corporations. there is typically at least one running at any given time: although most usually start fridays and run for a day or two.
+capture the flag competitions ("ctfs") are hosted by established teams, or security organizations, or corporations.
+there is typically at least one running at any given time: although most usually start fridays and run for a day or two.
+a list of past, present, and future ctfs can be found on [ctftime](https://ctftime.org/).
 
-while competing in ctfs can be group work: practice is overwhelmingly a solo activity. to learn how to play ctfs, one must learn to be very comfortable learning on their own.
+while competing in ctfs can be group work: practice is overwhelmingly a solo activity.
+to get good at playing in ctfs, one must learn to be very comfortable learning on their own.
+
+## [crypto](cryptography)
+
+## [rev](reverse-engineering)
+
+## [pwn](binary-exploitation)
+
+## [web](web-security)
+
+## [misc](miscellaneous-problems)
diff --git a/ctf/pwn.md b/ctf/pwn.md
index 053ea28..eaa2ee8 100644
--- a/ctf/pwn.md
+++ b/ctf/pwn.md
@@ -5,6 +5,8 @@ title: some notes on binary exploitation
 
 # binary exploitation
 
+## practice
+
 - [pwn.college](https://pwn.college)
 - [ionetgarage](https://io.netgarage.org/), [pwnable.kr](https://pwnable.kr/), [pwnable.tw](https://pwnable.tw), [pwnable.xyz](https://pwnable.xyz)...
 - [the nightmare book](https://guyinatuxedo.github.io/)
@@ -12,5 +14,6 @@ title: some notes on binary exploitation
 
 ## tooling
 
+- [pwntools](https://github.com/Gallopsled/pwntools)
 - [angr](https://angr.io/)
 - [z3](https://github.com/Z3Prover/z3), [cvc5](https://cvc5.github.io/), [stp](https://stp.github.io/), [yices2](https://yices.csl.sri.com/): smt solvers
diff --git a/ctf/rev.md b/ctf/rev.md
index ba82c48..e39710b 100644
--- a/ctf/rev.md
+++ b/ctf/rev.md
@@ -5,9 +5,17 @@ title: some notes on reverse engineering
 
 # reverse engineering
 
+## practice
+
 - [crackmes.one](https://crackmes.one)
 
 ## tooling
 
 - [ghidra](https://ghidra-sre.org/) [free]
 - [binary ninja](https://binary.ninja/) [$75 for students]
+- [GDB](https://www.sourceware.org/gdb/)
+- [GEF](https://github.com/hugsy/gef)
+
+## language-specific tips: go
+
+## language-specific tips: rust
diff --git a/ctf/web.md b/ctf/web.md
index 93612ae..a68f693 100644
--- a/ctf/web.md
+++ b/ctf/web.md
@@ -5,14 +5,20 @@ title: some notes on web security
 
 # web security
 
+## practice
+
+- [picoctf.org](https://picoctf.org)
 - [websec.fr](https://websec.fr)
+- https://portswigger.net/web-security/all-materials
 
 ## tooling
 
+- curl
 - devtools
 - burp suite
 - mitmproxy
-- ???
+- [webhook.site](https://webhook.site/)
+- [dnslog.cn](http://www.dnslog.cn/)
 
 ## common attacks