Simple but not that easy

Inspecting binary file for code?

Not the hacking group

Escalating privileges using Linux Containers? (LXD)

Very exhausting hunt for a flag through websites and plugins

Remote Code Execution in action (CVE-2019-15107)

Might not be the easiest one and the 45 min mark is very optimistic for sure

Steganography bait? Brute-force the hell out of it

Getting the credentials using PGP key?

Pretty good challenge using tomcat file upload and metasploit