Posts by Tag

WEB

Babier CSP - DiceCTF

Babier CSP - DiceCTF

A nice Content Security Policy (CSP) challenge that had a very nice way of giving you all the pieces you need from the beginning to have a path forward to find the flag. Upon noticing that the nonce value for the script-src CSP directive does not ...

PASTEURIZE - Google CTF

PASTEURIZE - Google CTF

This was a super fun challenge that really tests your process and thoroughness when assessing a web application. Admittedly, I did not complete the challenge before the CTF was over, but that shouldn’t stop you from following through on fin...

HTB Web Challenge - Console

HTB Web Challenge - Console

Console was a pretty straightforward challenge if your familiar with code review and authentication methods. It was really fun to be pushed to use Chrome for this challenge as you’ll become much more familiar with the developer tools layout...

HTB Web Challenge - Interdimensional Internet

HTB Web Challenge - Interdimensional Internet

Interdimensional Internet was an incredibly fun challenge to do. It has several layers and a few clever gotcha-ya’s that require you to slow down and really understand what was going on behind the scenes. My advice for this challenge...

Back to top ↑

PHP

HTB Web Challenge - Console

HTB Web Challenge - Console

Console was a pretty straightforward challenge if your familiar with code review and authentication methods. It was really fun to be pushed to use Chrome for this challenge as you’ll become much more familiar with the developer tools layout...

Back to top ↑

PYTHON

HTB Web Challenge - Interdimensional Internet

HTB Web Challenge - Interdimensional Internet

Interdimensional Internet was an incredibly fun challenge to do. It has several layers and a few clever gotcha-ya’s that require you to slow down and really understand what was going on behind the scenes. My advice for this challenge...

Back to top ↑

INPUT SANITIZATION

MyLittlePwny - JustCTF

MyLittlePwny - JustCTF

A simple “PWNING” challenge, that I found to be more of a bash challenge. Requires you to discover the correct escape character in order to execute bash commands, some of which are filtered. As such, you must find the command that can output the...

PASTEURIZE - Google CTF

PASTEURIZE - Google CTF

This was a super fun challenge that really tests your process and thoroughness when assessing a web application. Admittedly, I did not complete the challenge before the CTF was over, but that shouldn’t stop you from following through on fin...

Back to top ↑

LFI

Back to top ↑

WERKZEUG

Back to top ↑

LDAP

Back to top ↑

WAF

HTB Web Challenge - Interdimensional Internet

HTB Web Challenge - Interdimensional Internet

Interdimensional Internet was an incredibly fun challenge to do. It has several layers and a few clever gotcha-ya’s that require you to slow down and really understand what was going on behind the scenes. My advice for this challenge...

Back to top ↑

SCRIPTING

HTB Web Challenge - Interdimensional Internet

HTB Web Challenge - Interdimensional Internet

Interdimensional Internet was an incredibly fun challenge to do. It has several layers and a few clever gotcha-ya’s that require you to slow down and really understand what was going on behind the scenes. My advice for this challenge...

Back to top ↑

WHITEBOX

HTB Web Challenge - Console

HTB Web Challenge - Console

Console was a pretty straightforward challenge if your familiar with code review and authentication methods. It was really fun to be pushed to use Chrome for this challenge as you’ll become much more familiar with the developer tools layout...

Back to top ↑

BRUTEFORCE

HTB Web Challenge - Console

HTB Web Challenge - Console

Console was a pretty straightforward challenge if your familiar with code review and authentication methods. It was really fun to be pushed to use Chrome for this challenge as you’ll become much more familiar with the developer tools layout...

Back to top ↑

AUTHENTICATION

HTB Web Challenge - Console

HTB Web Challenge - Console

Console was a pretty straightforward challenge if your familiar with code review and authentication methods. It was really fun to be pushed to use Chrome for this challenge as you’ll become much more familiar with the developer tools layout...

Back to top ↑

PARAM INJECTION

PASTEURIZE - Google CTF

PASTEURIZE - Google CTF

This was a super fun challenge that really tests your process and thoroughness when assessing a web application. Admittedly, I did not complete the challenge before the CTF was over, but that shouldn’t stop you from following through on fin...

Back to top ↑

NODEJS

PASTEURIZE - Google CTF

PASTEURIZE - Google CTF

This was a super fun challenge that really tests your process and thoroughness when assessing a web application. Admittedly, I did not complete the challenge before the CTF was over, but that shouldn’t stop you from following through on fin...

Back to top ↑

JAVASCRIPT

PASTEURIZE - Google CTF

PASTEURIZE - Google CTF

This was a super fun challenge that really tests your process and thoroughness when assessing a web application. Admittedly, I did not complete the challenge before the CTF was over, but that shouldn’t stop you from following through on fin...

Back to top ↑

XSS

PASTEURIZE - Google CTF

PASTEURIZE - Google CTF

This was a super fun challenge that really tests your process and thoroughness when assessing a web application. Admittedly, I did not complete the challenge before the CTF was over, but that shouldn’t stop you from following through on fin...

Back to top ↑

PWN

MyLittlePwny - JustCTF

MyLittlePwny - JustCTF

A simple “PWNING” challenge, that I found to be more of a bash challenge. Requires you to discover the correct escape character in order to execute bash commands, some of which are filtered. As such, you must find the command that can output the...

Back to top ↑

MISC

MyLittlePwny - JustCTF

MyLittlePwny - JustCTF

A simple “PWNING” challenge, that I found to be more of a bash challenge. Requires you to discover the correct escape character in order to execute bash commands, some of which are filtered. As such, you must find the command that can output the...

Back to top ↑

LINUX

MyLittlePwny - JustCTF

MyLittlePwny - JustCTF

A simple “PWNING” challenge, that I found to be more of a bash challenge. Requires you to discover the correct escape character in order to execute bash commands, some of which are filtered. As such, you must find the command that can output the...

Back to top ↑

BASH

MyLittlePwny - JustCTF

MyLittlePwny - JustCTF

A simple “PWNING” challenge, that I found to be more of a bash challenge. Requires you to discover the correct escape character in order to execute bash commands, some of which are filtered. As such, you must find the command that can output the...

Back to top ↑

CSP

Babier CSP - DiceCTF

Babier CSP - DiceCTF

A nice Content Security Policy (CSP) challenge that had a very nice way of giving you all the pieces you need from the beginning to have a path forward to find the flag. Upon noticing that the nonce value for the script-src CSP directive does not ...

Back to top ↑

Nonce

Babier CSP - DiceCTF

Babier CSP - DiceCTF

A nice Content Security Policy (CSP) challenge that had a very nice way of giving you all the pieces you need from the beginning to have a path forward to find the flag. Upon noticing that the nonce value for the script-src CSP directive does not ...

Back to top ↑

Logic Error

Babier CSP - DiceCTF

Babier CSP - DiceCTF

A nice Content Security Policy (CSP) challenge that had a very nice way of giving you all the pieces you need from the beginning to have a path forward to find the flag. Upon noticing that the nonce value for the script-src CSP directive does not ...

Back to top ↑