keyboard_arrow_up


All posts


39 results


Exploring the DOMPurify library: Bypasses and Fixes

date_range date: Nov 17, 2024

Article - Web - mXSS




HeroCTF v6 Writeups

date_range date: Nov 01, 2024

Writeups - Web




Twitter challenge | Eventlet Client Side Desync

date_range date: May 22, 2024

Writeup - Twitter - Web - Request_Smuggling




Twisty Python

date_range date: Apr 13, 2024

Writeup - FCSC2024 - Web - Request_Smuggling




Pong

date_range date: Apr 13, 2024

Writeup - FCSC2024 - Web - SSRF




CORS Playground

date_range date: Apr 13, 2024

Writeup - FCSC2024 - Web - File_Read




Playing with DOMPurify's custom elements handling

date_range date: Feb 15, 2024

Article - Web - XSS




Intigriti January 2024 - XSS Challenge

date_range date: Jan 25, 2024

Writeup - CSPP - XSS




Another HTML Renderer

date_range date: Nov 03, 2023

Writeup - Web - XSS




Insecure Session Storage

date_range date: Nov 03, 2023

Writeup - Web - RCE




Intigriti October 2023 - XSS Challenge

date_range date: Nov 01, 2023

Writeup - Web - XSS




Linux local electron application script-src: self bypass

date_range date: Jul 04, 2023

Article - Web - XSS




Abusing Client-Side Desync on Werkzeug

date_range date: Jun 07, 2023

Article - Web - Request_Smuggling




XSS me luigi

date_range date: May 28, 2023

Writeup - Web - Esaip_2023 - MyChallenges




Infinite Mario

date_range date: May 27, 2023

Writeup - Web - Esaip_2023 - MyChallenges




YouWatch

date_range date: May 15, 2023

Writeup - Web - HeroCTF_v5 - MyChallenges




Simple Notes

date_range date: May 15, 2023

Writeup - Web - HeroCTF_v5 - MyChallenges




Whiskers in the dark

date_range date: Apr 26, 2023

Writeup - Web - RCE - FCSC2023




Tweedle Dee

date_range date: Apr 26, 2023

Writeup - Web - RCE - FCSC2023




Comme dans une chaussette

date_range date: Apr 16, 2023

Writeup - Web - RCE - midnightflag2023




Intigriti March 2023 - XSS Challenge

date_range date: Apr 08, 2023

Writeup - Web - XSS




EJS - Server Side Prototype Pollution gadgets to RCE

date_range date: Mar 09, 2023

Article - Web - SSPP




Last Battle

date_range date: Dec 25, 2022

Writeups - YogoshaChristmas_2022 - Web




Mission Forum

date_range date: Dec 25, 2022

Writeup - YogoshaChristmas_2022 - Web




Kara Jutsu Platform

date_range date: Dec 25, 2022

Writeup - YogoshaChristmas_2022 - Web




Kara Jutsu Access

date_range date: Dec 25, 2022

Writeup - YogoshaChristmas_2022 - Web




Forbidden Jutsu

date_range date: Dec 25, 2022

Writeup - YogoshaChristmas_2022 - Web




Secret Hideout

date_range date: Dec 25, 2022

Writeup - YogoshaChristmas_2022 - Web




Welcome to Kara Org

date_range date: Dec 25, 2022

Writeup - YogoshaChristmas_2022 - Web




Perfect Notes

date_range date: Aug 30, 2022

Writeup - 10kCTF_RootMe - Web - MyChallenges




Proxifier

date_range date: Aug 30, 2022

Writeup - 10kCTF_RootMe - Web - MyChallenges




Simple Login

date_range date: Aug 30, 2022

Writeup - 10kCTF_RootMe - Web - MyChallenges




B33rupload

date_range date: Aug 30, 2022

Writeup - Barbhack2022 - Web




Cloud Password Manager

date_range date: May 08, 2022

Writeup - FCSC2022 - Web




Avatar Generator

date_range date: May 08, 2022

Writeup - FCSC2022 - Web




MC Players

date_range date: May 08, 2022

Writeup - FCSC2022 - Web




How I was able to rick roll every users on root-me.org

date_range date: Mar 27, 2022

Article - Web




XML is love, XML is life

date_range date: Nov 27, 2021

Writeup - DgHack - Web




Panid

date_range date: Sep 09, 2021

Writeup - EC2_2021 - Web