A classic ret2win challenge on a 64-bit binary, overflow RIP with win() address to get flag.

A classic ret2shellcode with a twist, we use a gadget to execute our code off the stack. binary is 32-bit.

A write-what-where scenario that enables us to overwrite the destructor (dtor) in the relocations table with our win() function to get a shell.

A hardware challenge where we're given some serial output from a Arduino and the corresponding wiring diagram and encryption source code.