# Capture the Flags (CTFs)

- [Flaws.Cloud](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/flaws.cloud.md): A walkthrough of the CTF Flaws.Cloud
- [Level 1](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/flaws.cloud/level-1.md): A CTF walkthrough for level 1 of Flaws.Cloud
- [Level 2](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/flaws.cloud/level-2.md): A CTF walkthrough for level 2 of Flaws.Cloud
- [Level 3](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/flaws.cloud/level-3.md): A CTF walkthrough for level 3 of Flaws.Cloud
- [Level 4](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/flaws.cloud/level-4.md): A CTF walkthrough for level 4 of Flaws.Cloud
- [Level 5](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/flaws.cloud/level-5.md): A CTF walkthrough for level 5 of Flaws.Cloud
- [Level 6](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/flaws.cloud/level-6.md): A CTF walkthrough for level 6 of Flaws.Cloud
- [PwnedLabs](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs.md): A collection of capture-the-flag walkthroughs from PwnedLabs.io
- [Escalate Privileges by IAM Policy Rollback](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs/escalate-privileges-by-iam-policy-rollback.md): A walkthrough demonstrating how to abuse the IAM permission: SetDefaultPolicyVersion
- [Exploiting Weak S3 Bucket Policies](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs/exploiting-weak-s3-bucket-policies.md): A walkthrough demonstrating how weak S3 Bucket policies can lead to system compromise, data exposure and exfiltration.
- [Leveraging S3 Bucket Versioning](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs/leveraging-s3-bucket-versioning.md): A walkthrough demonstrating how S3 Bucket Versioning can lead to data exposure and exfiltration.
- [S3 Enumeration Basics](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs/s3-enumeration-basics.md): A walkthrough demonstrating how to enumerate S3, exploit a misconfiguration, and escalate privileges to obtain sensitive data.
- [Pillage Exposed RDS Instances](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs/pillage-exposed-rds-instances.md): A walkthrough demonstrating how to exfiltrate data from a public RDS instance.
- [EC2 SSRF Attack](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs/ec2-ssrf-attack.md): A walkthrough demonstrating a Server Side Request Forgery attack leading to credit card data exfiltration.
- [Hunt for Secrets in Git Repos](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/pwnedlabs/hunt-for-secrets-in-git-repos.md): A walkthrough demonstrating the importance of preventing credentials being committed to git repositories.
- [Cybr](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/cybr.md): A collection of capture-the-flag walkthroughs from cybr.com
- [Challenge - Secrets Unleashed](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/cybr/challenge-secrets-unleashed.md): A walkthrough demonstrating how to abuse and escalate IAM permissions.
- [WIZ - The Ultimate Cloud Security Championship](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/wiz-the-ultimate-cloud-security-championship.md)
- [June 2025 - Perimeter Leak](https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs/wiz-the-ultimate-cloud-security-championship/june-2025-perimeter-leak.md): A walkthrough of the WIZ Ultimate Cloud Security Championship for June 2025


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.techwithtyler.dev/cloud-security/capture-the-flags-ctfs.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.