Intigriti March 2026 XSS Challenge: Full Writeup
DOM Clobbering + JSONP Callback Injection via DOMPurify Misconfiguration
Apr 13, 20268 min read12
Command Palette
Search for a command to run...
#ctf-writeup
Articles tagged with #ctf-writeup
Exploiting an LFI Vulnerability and Forging a Signature in BugcrowdCTF
Introduction During Bugcrowd CTF at Black Hat USA 2025, I tackled a web challenge involving SecureFile Solutions, a document management system with a hidden Local File Inclusion (LFI) vulnerability in its index.php. This journey involved exploiting t...
Aug 11, 20255 min read23CTF Challenge Writeup: Manipulating an ERC4626 Vault
Introduction Recently, I tackled a blockchain-based Capture The Flag (CTF) challenge that required exploiting the mechanics of an ERC4626 vault to meet a specific condition. The challenge revolved around smart contracts and demanded a solid grasp of ...
Jul 9, 20255 min read334T$ CTF Writeup: Homelab ? More like Pwnlab !
In this Capture The Flag (CTF) challenge, we were given access to two main targets: an SSH server running on a GoTTY shell and a NAS interface that allowed file uploads. My initial analysis revealed two key pieces of information. First, the SSH serve...
Nov 11, 20242 min read33
4T$ CTF Writeup: KittyKittyBank
The KittyKittyBank contract was written in Solidity, which allows users to send and withdraw ether (ETH) from the contract. In this blog post, I am providing a deep-dive into the details of the issue, and how it was exploited. Contract Overview Let's...
Nov 11, 20246 min read41