Orel Gispan
Sep 30 · 2 min
BuckeyeCTF 2024 - quotes (Web)
Unfortunately, I did not have much time to try more challenges so this will be a short one. The challenge provided the URL for the web...
233 views · 0 comments
Orel Gispan
Sep 23 · 2 min
PatriotCTF 2024 - Open Seasame (Web)
The challenge provided two files - server.py and admin.js, and a link to a web application that lets us enter a URL path that the bot...
380 views · 0 comments
Orel Gispan
Sep 10 · 2 min
Small Winds - No. 03
A personal mini blog about infosec and life. Previously, I mentioned my interest in improving my knowledge of browser internals and...
137 views · 0 comments
Orel Gispan
Aug 16 · 3 min
Small Winds - No. 02
A personal mini blog about infosec and life. The past week and a half was not very productive since I was unwell most of the time. It was...
66 views · 0 comments
Orel Gispan
Aug 7 · 3 min
Small Winds - No. 01
A personal mini blog about infosec and life. Recently, I encountered a blog that inspired me to create a more personal mini blog as part...
46 views · 0 comments
Orel Gispan
Jun 27 · 3 min
BSidesTLV 2024 CTF
This year I participated with Flag Fortress 2, and we reached the 2nd place (which is well above my goals I set for myself two years...
228 views · 2 comments
Orel Gispan
May 14 · 3 min
TBTL CTF Web Writeups
Challenges: Rnd For Data Science 2. Butterfly Rnd For Data Science Vulnerability: Injection in Pandas library query allows to bypass...
43 views · 2 comments
Orel Gispan
May 1 · 6 min
Large Language Models for CTFs
I really like using Large Language Models (LLMs). One of my uses for them is solving CTFs. Recently I started comparing a couple of them,...
234 views · 2 comments
Orel Gispan
Jan 24 · 3 min
UofTCTF 2024 Writeups
This time we reached the 83rd place out of 1225 teams, which is a really nice score. Although it wasn't a very hard CTF, I found it fun...
396 views · 2 comments
Orel Gispan
Oct 28, 2023 · 3 min
MetaRed CTF Argentina
In this CTF we finished in 26th place. Here are two writeups of challenges I have solved. I didn't put many screenshots since the CTF was...
526 views · 0 comments
Orel Gispan
Oct 24, 2023 · 1 min
DEADFACE CTF 2023
The theme of this CTF was an evil hacker group called "DEADFACE". Additionally, there were some other groups and companies that were part...
610 views · 2 comments
Orel Gispan
May 2, 2023 · 3 min
UMDCTF 2023
Together with members of the Hallios community and CyberSecMaverick, I participated in UMDCTF 2023. The CTF theme was Pokémon and I...
639 views · 0 comments
Orel Gispan
Apr 24, 2023 · 2 min
Space Heroes CTF
Playing with Cyber R0nin team, here are several writeups of some of the challenges: 1. attack-strategies - WEB 2. Bank-of-Knowhere - WEB...
390 views · 0 comments
Orel Gispan
Jul 21, 2022 · 3 min
BDSEC 2022 CTF Writeups
I will share my way of thinking and how I solved two challenges. Dominoes (Cryptography - 50) Knight Squad Shop (web - 100 points)...
303 views · 0 comments
Orel Gispan
Jul 1, 2022 · 1 min
BSidesTLV 2022 CTF - "Medium Expectations"
I tried a pretty easy Crypto challenge. After using Netcat, the server asks us to guess the correct numbers repeatedly. After looking at...
348 views · 0 comments
Orel Gispan
Jun 18, 2022 · 2 min
PortSwigger Labs - Cross-Site Scripting Answers
Hi, in this updating blog post, I will post answers and explanations of how I solved them. The difficulty levels are Apprentice, ...
96 views · 0 comments
Orel Gispan
Jun 2, 2022 · 2 min
A Race Against Time
There was a delivery service that was introduced to the company I work for. They allowed employees to order groceries without a shipping...
140 views · 0 comments
Orel Gispan
May 21, 2022 · 3 min
Forgot Password Vulnerabilities
I will probably update this post with new examples and screenshots. One of the features I like to test the most is the 'forgot password'...
41 views · 0 comments
Orel Gispan
May 15, 2022 · 1 min
Duolingo - Unlimited XP Points
This is a story about the importance of testing the less popular areas in web applications. Duolingo gives experience points for...
137 views · 0 comments
Orel Gispan
May 14, 2022 · 2 min
Simple IDOR With Critical Impact
I have a friend who studied in a popular academic institution. I happened to be in his house and I said why not "look" at their website...
43 views · 0 comments