BDSEC 2022 CTF Writeups
I will share my way of thinking and how I solved two challenges. Dominoes (Cryptography - 50) Knight Squad Shop (web - 100 points)...

Orel Gispan
Jul 21, 2022 · 3 min read


BSidesTLV 2022 CTF - "Medium Expectations"
I tried a pretty easy Crypto challenge. After using Netcat, the server asks us to guess the correct numbers repeatedly. After looking at...

Orel Gispan
Jul 1, 2022 · 1 min read


PortSwigger Labs - Cross-Site Scripting Answers
Hi, in this updating blog post, I will post answers and explanations of how I solved them. The difficulty levels are Apprentice, ...

Orel Gispan
Jun 18, 2022 · 2 min read


A Race Against Time
There was a delivery service that was introduced to the company I work for. They allowed employees to order groceries without a shipping...

Orel Gispan
Jun 2, 2022 · 2 min read


Forgot Password Vulnerabilities
I will probably update this post with new examples and screenshots. One of the features I like to test the most is the 'forgot password'...

Orel Gispan
May 21, 2022 · 3 min read


Duolingo - Unlimited XP Points
This is a story about the importance of testing the less popular areas in web applications. Duolingo gives experience points for...

Orel Gispan
May 15, 2022 · 1 min read


Simple IDOR With Critical Impact
I have a friend who studied in a popular academic institution. I happened to be in his house and I said why not "look" at their website...

Orel Gispan
May 14, 2022 · 2 min read