Welcome to Bread & Yolk (BAY) where innovation meets cybersecurity excellence. Established in 2022 in Jakarta, Indonesia, BAY is a dynamic cybersecurity collective dedicated to advancing the field through cutting-edge projects, impactful educational initiatives, and community engagement.
At BAY, we specialize in providing vendor services for Capture The Flag (CTF) challenges and competitions, leveraging our technical expertise to design intricate and high-quality scenarios that test and enhance the skills of cybersecurity professionals and enthusiasts alike. Our Jeopardy-style CTF competitions serve as a collaborative platform, fostering skill development and camaraderie within the global cybersecurity community.
Beyond challenges, we are committed to empowering blue teams through innovative malware development and solutions for cyber defense. These projects simulate real-world attack scenarios, enabling organizations to evaluate their detection capabilities, enhance incident response workflows, and strengthen SOC operations.
To further our mission, we share insights through Medium by creating articles on cybersecurity.
Key Focus Areas:
- Blue Anvil Projects – Developing malware and solutions to support cyber defense and SOC evaluations.
- CTF Challenges & Competitions – Acting as a vendor to design and host engaging Jeopardy-style events for skill-building and community growth.
- Knowledge Sharing – Publishing comprehensive articles on cybersecurity topics via Medium to educate and inspire.
Blue Anvil Projects
Developed by: jon-brandy | LS | Q
Plaguards is a cutting-edge security tool built to streamline and automate the deobfuscation of obfuscated PowerShell scripts, empowering security teams to rapidly identify Indicators of Compromise (IOCs) and determine whether they represent valid threats (VT) or false positives (FP). Each analysis is documented in a comprehensive PDF report, designed to provide deep insights and actionable intelligence.
As a web app, Plaguards offers users the flexibility to conduct powerful, on-demand analysis from anywhere, at any time, making it invaluable to blue teams tasked with responding to complex malware threats. This innovation not only accelerates workflows but also enhances detection accuracy, positioning Plaguards as a vital asset in proactive threat response.
| Schedule | Details |
|---|---|
 |
 |
| Github Page |
|---|
| Plaguards |
Developed by: CTRLRLTY
JARY is a runtime for creating .jary rules to search and correlate log data from external sources. It allows users to define structured rules that filter, match, and analyze log entries to support data analysis and automation. The JARY runtime is a lightweight library written in C that can be dynamically linked with other programs. It provides functions to compile JARY rules, feed data into the runtime, and execute the rules, all accessible from a single library through function calls. The .jary rule syntax is derived from the YARA language developed by VirusTotal.
| Schedule | Details |
|---|---|
 |
( |
| Github Page |
|---|
| JARY |
Developed by: dwiyantech
Kegembok is a Ransomware tools, a cross-platform (Linux, Mac, and Windows) ransomware made from the Golang programming language, encryption using AES-256-GCM, in this program you can use your own key. This program is for educational purposes only and helpful for simulation like tabletop or ransomware test.
| Github Page |
|---|
| Kegembok |
Vendor Project(s)
The CTF lab at Cyberyolk is designed with national standards in mind. Each challenge in the lab is crafted by experienced problem creators, ensuring engaging and relevant challenges in today’s cybersecurity landscape.
This CTF follows a Jeopardy theme, featuring a variety of categories including Binary Exploitation, Cryptography, Computer Forensics, OSINT, Reverse Engineering, and Web Exploitation. With this theme and range of categories, participants have the opportunity to sharpen diverse technical skills in cybersecurity.
In addition to the exciting competition experience, Cyberyolk also offers attractive incentives for participants. Prizes will be awarded to those who secure positions 1, 2, and 3 as an added motivation to strive harder. Winners will also receive an e-certificate as a prestigious acknowledgment they can add to their portfolio.
| The Creator | CBY Mascot |
|---|---|
 |
 |
| Appreciation Post for All the Challenge Author | Lab & Competition Poster |
|---|---|
 |
 |
| Banner | Scoreboard for Top 10 Users |
|---|---|
 |
 |
| Dashboard | Challs Page |
|---|---|
 |
 |
| Awarding Announcement for the Winner | Cyberyolk Broadcast at BINUS News |
|---|---|
 |
 |
Articles
| Article Name | Channel | Link to Article |
|---|---|---|
Hack The Box — Restaurant WriteUp |
Medium | LINK |
Overcoming ASLR: A Guide to Conquering ret2libc Challenges with PIE |
Medium | LINK |
CyberGonCTF - autograph (pwn) |
Medium | LINK |
CLICK HERE
| THE FOUNDERS |
|---|
| NAME | GITHUB ACCOUNT | LINKEDIN PAGE |
|---|---|---|
| Nicolas Saputra Gunawan | jon-brandy | |
| Satya Kusuma | Q | |
| Rio Ferdinand Vindi Tanius | RioFerdinand25 |
| Graphic Design Artist |
|---|
| NAME | LINKEDIN PAGE |
|---|---|
| Gede Bramanta Pandya Wisesa |
| BOARD AGENTS |
|---|
| NAME | USERNAME | Specialization | Occupation |
|---|---|---|---|
| Nicolas Saputra Gunawan | jon-brandy | Binary Exploitation - Digital Forensic & Incident Response (DFIR) | Cyber Security Analyst - L1 |
| Satya Kusuma | Q | Threat Intelligence | Cyber Security Engineer |
| Rio Ferdinand Vindi Tanius | RioFerdinand25 | Digital Forensic | Cyber Security Engineer |
| Mikael Wiryamanta Wijaya | PlasmaRing | Reverse Engineering - Cryptography | Junior Penetration Tester |
| Jeffrey Jingga | ArkynGenics | Web Exploitation | Offensive Cyber Security Engineer |
| Pitra Winarianto | ptr173 | Reverse Engineering | Cyber Security Engineer |
| Bertrand Redondo Mulyono | LawsonSchwantz | Reverse Engineering - Cryptography | Cyber Security Consultant |
| Steven Liem | SSV132 | Reverse Engineering - Web Exploitation | Information Security Consultant |
| Antonyous Mikhael Aleksander | Antonyous10 | Cryptography | Cyber Security Analyst - L2 |
| Stephan Chandra | stephanchandra | Cryptography | Junior Programmer |
| Vincent Aldiandra | Matrsixx | Web Exploitation | Cyber Threat Intelligence & Incident Response |
| Muhammad Raznan | CTRLRLTY | Software Engineering - Reverse Engineering | Research & Development |
| Ahmad Dwiyan Anugrah Putra | DwiyanTech | Infrastrucure Engineering - Threat Hunting & Incident Response (THIR) | Senior Threat Hunter & Incident Response |
