FlagForge organizes all CTF challenges on the Problems page, where you can browse, filter, and open individual challenges. Each challenge presents a self-contained puzzle — a web vulnerability to exploit, a file to analyze, a cipher to crack — and awards points when you submit the correct flag.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/flagForgeCTF/flagForge/llms.txt
Use this file to discover all available pages before exploring further.
Challenge anatomy
Every challenge is made up of a fixed set of fields. Expand each section below to learn what it means and how to use it.Title
Title
A short, descriptive name for the challenge. The title appears on the Problems page card and at the top of the challenge detail page. Use it to quickly identify a challenge when you return to it later.
Description
Description
The challenge brief. This is where you find the scenario, instructions, and any clues embedded in the problem statement. Read carefully — the description sometimes contains hints disguised as flavor text.
Category
Category
Each challenge belongs to a category that describes the domain of knowledge required. See Challenge categories below for the full list.
Points
Points
The base number of points added to your score when you solve the challenge. Challenges with higher point values are generally harder. Note that hint deductions are applied immediately when you reveal a hint — they are separate transactions from the solve award.
Hints
Hints
Optional hints attached to a challenge to help you when you’re stuck. Each hint has a point deduction cost. Unlocking a hint immediately subtracts that cost from your total score — the deduction happens at the moment you reveal the hint, not when you submit the flag. See Hints system below.
Links and files
Links and files
Depending on the challenge type, you may see an external link pointing to the target service or a downloadable file to analyze locally. Some challenges include both. See Challenge types below.
Challenge types
FlagForge supports two challenge delivery types:Link-based
The challenge provides a URL pointing to a live web service, remote server, or external resource. You interact with the target to find the flag. Common for web exploitation, networking, and service-based challenges.
File-based
The challenge includes a downloadable file — a binary, archive, image, PDF, or text file. You download and analyze it locally to extract the flag. Common for forensics, reverse engineering, and steganography.
Challenge categories
Challenges are tagged with a category so you can focus on areas that match your skills or learning goals.| Category | What you’ll practice |
|---|---|
| Web | HTTP, SQL injection, XSS, authentication bypasses, API abuse |
| Crypto | Classical ciphers, modern cryptography, encoding/decoding |
| Forensics | File analysis, memory dumps, steganography, log review |
| Pwn | Binary exploitation, buffer overflows, shellcode |
| Reverse | Disassembly, decompilation, obfuscated code |
| OSINT | Open-source intelligence gathering |
| Misc | Challenges that span multiple disciplines |
Filtering by category
On the Problems page, use the category filter bar at the top of the challenge list to narrow the view.- Click a category name (for example, Web or Forensics) to show only challenges in that category.
- Click All to return to the full list.
Time-limited challenges
Some challenges are only available for a fixed window of time. These are used for live CTF events and special competitions. Time-limited challenges display a countdown timer showing how long you have left. When the timer reaches zero, the challenge closes automatically. Check the challenge description for any event-specific rules about time limits.Hints system
Each challenge can include one or more hints. Hints are locked by default — you decide whether to reveal them.View available hints
On the challenge detail page, scroll to the Hints section. You can see how many hints exist and the point cost for each one before you reveal it.
Reveal a hint
Click the hint to unlock it. The point deduction is applied to your score immediately. The hint text becomes visible and stays visible for the rest of your session.
Point deductions from hints apply immediately when you reveal the hint. The solve itself awards the full base point value. Only reveal hints when you genuinely need them — each one reduces your net gain for that challenge.