Search
Orel Gispan
Oct 143 min read
Small Winds - No. 04
A personal mini blog about infosec and life Recently, YouTube reminded me of a piece I used to listen to: https://www.youtube.com/watch?v...
83 views0 comments
Orel Gispan
Sep 302 min read
BuckeyeCTF 2024 - quotes (Web)
Unfortunately, I did not have much time to try more challenges so this will be a short one. The challenge provided the URL for the web...
254 views0 comments
Orel Gispan
Sep 232 min read
PatriotCTF 2024 - Open Seasame (Web)
The challenge provided two files - server.py and admin.js, and a link to a web application that lets us enter a URL path that the bot...
418 views0 comments
Orel Gispan
Sep 102 min read
Small Winds - No. 03
A personal mini blog about infosec and life Previously, I mentioned my interest in improving my knowledge of browser internals and...
148 views0 comments
Orel Gispan
Aug 163 min read
Small Winds - No. 02
A personal mini blog about infosec and life The past week and a half was not very productive since I was unwell most of the time. It was...
74 views0 comments
Orel Gispan
Aug 73 min read
Small Winds - No. 01
A personal mini blog about infosec and life Recently, I encountered a blog that inspired me to create a more personal mini blog as part...
47 views0 comments
Orel Gispan
Jun 273 min read
BSidesTLV 2024 CTF
This year I participated with Flag Fortress 2, and we reached the 2nd place (which is well above my goals I set for myself two years...
231 views2 comments
Orel Gispan
May 143 min read
TBTL CTF Web Writeups
Challenges: Rnd For Data Science 2. Butterfly Rnd For Data Science Vulnerability: Injection in Pandas library query allows to bypass...
44 views2 comments
Orel Gispan
May 16 min read
Large Language Models for CTFs
I really like using Large Language Models (LLMs). One of my uses for them is solving CTFs. Recently I started comparing a couple of them,...
245 views2 comments
Orel Gispan
Jan 243 min read
UofTCTF 2024 Writeups
This time we reached the 83rd place out of 1225 teams, which is a really nice score. Although it wasn't a very hard CTF, I found it fun...
410 views2 comments
Orel Gispan
Oct 28, 20233 min read
MetaRed CTF Argentina
In this CTF we finished in 26th place. Here are two writeups of challenges I have solved. I didn't put many screenshots since the CTF was...
542 views0 comments
Orel Gispan
Oct 24, 20231 min read
DEADFACE CTF 2023
The theme of this CTF was an evil hacker group called "DEADFACE". Additionally, there were some other groups and companies that were part...
673 views2 comments
Orel Gispan
May 2, 20233 min read
UMDCTF 2023
Together with members of the Hallios community and CyberSecMaverick, I participated in UMDCTF 2023. The CTF theme was Pokémon and I...
641 views0 comments
Orel Gispan
Apr 24, 20232 min read
Space Heroes CTF
Playing with Cyber R0nin team, Here are several writeups of some of the challenges: 1. attack-strategies - WEB 2. Bank-of-Knowhere - WEB...
394 views0 comments
Orel Gispan
Jul 21, 20223 min read
BDSEC 2022 CTF Writeups
I will share my way of thinking and how I solved two challenges. Dominoes (Cryptography - 50) Knight Squad Shop (web - 100 points)...
304 views0 comments
Orel Gispan
Jul 1, 20221 min read
BSidesTLV 2022 CTF - "Medium Expectations"
I tried a pretty easy Crypto challenge. After using Netcat, the server asks us to guess the correct numbers repeatedly. After looking at...
348 views0 comments
Orel Gispan
Jun 18, 20222 min read
PortSwigger Labs - Cross-Site Scripting Answers
Hi, in this updating blog post, I will post answers and explanations of how I solved them. The difficulty levels are Apprentice, ...
97 views0 comments
Orel Gispan
Jun 2, 20222 min read
A Race Against Time
There was a delivery service that was introduced to the company I work for. They allowed employees to order groceries without a shipping...
142 views0 comments
Orel Gispan
May 21, 20223 min read
Forgot Password Vulnerabilities
I will probably update this post with new examples and screenshots. One of the features I like to test the most is the 'forgot password'...
41 views0 comments
Orel Gispan
May 14, 20221 min read
Duolingo - Unlimited XP Points
This is a story about the importance of testing the less popular areas in web applications. Duolingo gives experience points for...
140 views0 comments