Secret starts with analyzing web source to recover a secret token from older commit. The secret is …
Dynstr imitates a company that offers a Dynamic DNS service. The provided API for this service is …
Another late CTF writeups for H@cktivitycon 2021 web category.
This is my late CTF writeups for H@cktivitycon 2021 miscellaneous category.
Code execution with path traversal
Supplying a malicious update definition to Electron-updater
Getting password from automatic login script of ChromeOS
DC-6 starts off by enumerating usernames from a WordPress website and use a brute-force attack …
Turns SSRF to remote code execution and escape from a Docker container
Seven times seven is equal to SSTI