UMDCTF 2023
Together with members of the Hallios community and CyberSecMaverick, I participated in UMDCTF 2023. The CTF theme was Pokémon and I...
Space Heroes CTF
Playing with the Cyber R0nin team, here are several writeups of some of the challenges: 1. attack-strategies - WEB 2. Bank-of-Knowhere - WEB...
TFC CTF Writeups
Two friends of mine and I solved a couple of challenges in TFC CTF (we solved them together). And in this post, there are writeups for...
BDSEC 2022 CTF Writeups
I will share my way of thinking and how I solved two challenges. Dominoes (Cryptography - 50) Knight Squad Shop (web - 100 points)...
BSidesTLV 2022 CTF - "Medium Expectations"
I tried a pretty easy Crypto challenge. After using Netcat, the server asks us to guess the correct numbers repeatedly. After looking at...
PortSwigger Labs - Cross-Site Scripting Answers
Hi, in this updating blog post, I will post answers and explanations of how I solved them. The difficulty levels are Apprentice, ...
A Race Against Time
There was a delivery service that was introduced to the company I work for. They allowed employees to order groceries without a shipping...
Forgot Password Vulnerabilities
I will probably update this post with new examples and screenshots. One of the features I like to test the most is the 'forgot password'...
Duolingo - Unlimited XP Points
This is a story about the importance of testing the less popular areas in web applications. Duolingo gives experience points for...
Simple IDOR With Critical Impact
I have a friend who studied in a popular academic institution. I happened to be in his house and I said why not "look" at their website...