Update to New Format and add PicoCTF19

Author: PinkNoize

.github/CONTRIBUTING.md

@@ -15,10 +15,22 @@ Welcome to Cal Poly's White Hat Club's CTF Write-Up Repository! If you're readin
         * The ````README.md```` file for the folder is an exception to this rule.
         * Any pull requests on the ````LICENSE```` file or any files in the ````.github```` folder are an exception to this rule.
     3. All associated, non-markdown files should be placed in a subfolder named ````assets````
-        * All non-markdown files must use __camel case__.
+        * Asset file names should be prefixed with the challenge name.
+        * Asset files __do not__ have to use camel case if following another naming convention such as snake case for Python files.
     4. The folder containing the write-ups must contain a README.md
         * This file must contain:
             * The __full CTF name__,
             * The year,
             * And a bulleted list of formatted links to all write-up markdown files.
-                * This list must be in alphabetical order.
+                * This list should be sorted by category then by point value then by alphabetical order
+                * The links should be named `challenge name - point value`
+
+An example file structure for picoCTF19:
+```
+writeups
+└── picoCTF19
+     ├── assets
+     │    └── handyShellcodeCallGraph.png
+     ├── handyShellCode.md
+     └── README.md
+```

.github/TECHNIQUE_TEMPLATE.md

@@ -0,0 +1,29 @@
+# Technique Name
+Author: Feel free to put your name or alias
+
+## Result(s)
+- Result 1
+- Result 2
+
+## Requirement(s)
+- Requirement 1
+- Requirement 2
+
+## Steps
+
+1. Step One
+
+    Detailed general explanation of step one. You can include an example.
+
+2. Step Two
+
+    Detailed general explanation of step two. You can include an example.
+
+
+## Notes
+
+    Write any notes here. Some things you can write include clearing up when this technique is applicable or other techniques/tools that are relevant to this technique.
+
+## Example
+
+    Optional

.github/WRITEUP_TEMPLATE.md

@@ -0,0 +1,17 @@
+# CTF Name - Challenge Name
+Author: Feel free to put your name or alias \
+Date: Optional
+
+Category - Points
+
+> Copy/paste the challenge description here
+
+## TL;DR
+
+The TL;DR should include a brief description of both the challenge and the solution.
+
+# Writeup
+
+This is where your content goes. This should include the solution as well as how you got to that solution. Do not just post code without an explanation of the code. Any magic numbers/strings should have an explanation. Be sure to include and images, screenshots and any other figures if necessary. Writeups can be informal and don't have to be a purely technical document so feel free to include any entertaining or comedic content to keep the reader interested.
+
+Any important content you link to should be backed up in the `assets` folder to protect them from [link rot](https://en.wikipedia.org/wiki/Link_rot). Don't forget to cite any resources placed in `assets` or copied elsewhere.

README.md

@@ -1,2 +1,24 @@
-# ctf-writeups
-CTF Write Ups
+# White Hat CTF Writeups
+
+## Table of Contents
+
+- [Tools and Resources](tools/tools.md#tools-and-resources)
+    - [Binary Exploitation](tools/tools.md#binary-exploitation)
+    - [Cryptography](tools/tools.md#cryptography)
+    - [Forensics](tools/tools.md#forensics)
+    - [Reverse Engineering](tools/tools.md#reverse-engineering)
+    - [Web](tools/tools.md#web)
+- [Techniques](techniques/techniques.md#techniques)
+    - [Binary Exploitation](techniques/techniques.md#binary-exploitation-toc)
+    - [Cryptography](techniques/techniques.md#cryptography-toc)
+    - [Forensics](techniques/techniques.md#forensics-toc)
+    - [Reverse Engineering](techniques/techniques.md#reverse-engineering-toc)
+    - [Web](techniques/techniques.md#web-toc)
+- Writeups
+    - [PicoCTF 2019](writeups/picoCTF19/README.md)
+    - [UTCTF 2019](writeups/utctf19/README.md)
+    - [DEF CON Quals 2018](writeups/defConQuals18/README.md)
+    - [iFixit Trihackathon 2018](writeups/iFixitTrihackathon18/README.md)
+- Contributing
+    - [Code of Conduct](.github/CODE_OF_CONDUCT.md)
+    - [Contributing Guidelines](.github/CONTRIBUTING.md)

techniques/binary-exploitation/unknown-glibc.md

@@ -0,0 +1,23 @@
+# Determine Unknown Glibc Version from Leaked Addresses
+Author: PinkNoize
+
+## Result
+- Glibc version used by a process
+
+## Requirement
+- Address of 1 or more glibc functions
+
+## Steps
+
+1. Get the addresses of some glibc functions
+
+    You can get these addresses however you want. Some examples include debug statements or an arbitrary memory read to read the addresses out of the .got.plt section.
+
+2. Compare the addresses to known glibc address offsets
+
+    You should not do this manually. Use a tool like [libc-database](https://github.com/niklasb/libc-database). The online version is at [https://libc.rip/](https://libc.rip/).
+
+
+## Notes
+
+This technique is useful when you are supplied a challenge without a glibc ELF where exploitation would be simplified by having the glibc ELF. This can be combined with [one_gadget](https://github.com/david942j/one_gadget) to speed up the creation of shell dropping ROP chains.

techniques/techniques.md

@@ -0,0 +1,12 @@
+# Techniques
+
+## <a name="binary-exploitation-toc"></a> Binary Exploitation
+- [Determine Unknown Glibc Version from Leaked Addresses](binary-exploitation/unknown-glibc.md)
+
+## <a name="cryptography-toc"></a> Cryptography
+
+## <a name="forensics-toc"></a> Forensics
+
+## <a name="reverse-engineering-toc"></a> Reverse Engineering
+
+## <a name="web-toc"></a> Web

tools/tools.md

@@ -0,0 +1,63 @@
+# Tools and Resources
+## Table of Contents
+- [Binary Exploitation](#binary-exploitation)
+- [Cryptography](#cryptography)
+- [Forensics](#forensics)
+- [Reverse Engineering](#reverse-engineering)
+- [Web](#web)
+
+# Binary Exploitation
+- [Angr](https://angr.io/)
+- [BAP](https://github.com/BinaryAnalysisPlatform/bap)
+- [Pwntools](https://github.com/Gallopsled/pwntools)
+
+    Tutorial available [here](https://github.com/Gallopsled/pwntools-tutorial#readme) 
+
+- [LiveOverflow Binary Hacking Course](https://old.liveoverflow.com/binary_hacking/)
+
+# Cryptography
+
+
+# Forensics
+- [Autopsy/The Sleuth Kit](https://www.sleuthkit.org)
+
+# Reverse Engineering
+- [Binary Ninja](https://binary.ninja/)
+
+    - `Price:` $74 with student discount
+    - Comes with a BNIL(Binary Ninja Intermediate Languages) which approaches decompiled output.
+    - Debugger is hard to use.
+
+- [Cutter](https://cutter.re/)
+
+    - `Price:` Free
+    - GUI frontend of radare2
+    - Comes with Ghidra decompiler and many others can be installed
+    - Debugger support
+
+- [Ghidra](https://ghidra-sre.org/)
+
+    - `Price:` Free
+    - A free solid decompiler
+    - Spinning dragon animation
+
+- [Hopper](https://www.hopperapp.com/)
+
+    - `Price:` $99
+
+- [IDA](https://www.hex-rays.com/products/ida/)
+
+    - `Price:` Check the website, pricing page is too complicated
+    - Decompiler and debugger
+
+- [Radare2](https://www.radare.org)
+
+    - `Price:` Free
+    - Decompilers including Ghidra's can be installed
+    - Great debugger
+    - Pure commandline
+
+# Web
+- [Burp](https://portswigger.net/burp)
+- [gobuster](https://github.com/OJ/gobuster)
+- [sqlmap](https://github.com/sqlmapproject/sqlmap)