Latest Posts

Bypassing path restriction on whitelisted CDNs to circumvent CSP protections - SECT CTF Web 400 writeup
How can we bypass CSP using whitelisted CDNs and path traversal (SECT CTF 2016 web 400 writeup)
Abusing file inclusions using Windows 8.3 filename legacy shortcodes - MMACTF Rotten Uploader web 150 writeup
Using the legacy windows 8.3 filename short code, we bypass the filter to download files. (MMACTF 2016 web 150 writeup)
MongoDB - Extracting data (admin password) using NoSQL Injection - MMACTF 2016 Web 100 writeup
Using NoSQL injections to extract admin password from the database (MMACTF 2016 web 100 writeup)
Command Injection via Bruteforce ZipCracker - MMACTF 2016 Web 200 writeup
Command injection via the dictionary file used for bruteforce. (MMACTF 2016 web 100 writeup)
Remote Code Execution via Python __import__() - MMACTF 2016 Tsurai Web 300 writeup
Manipulating Python's __import__() statement to import attacker controlled modules (MMACTF 2016 web 100 writeup)
Prompt.ml - XSS Challenges writeup
If you haven't seen this already, this is a series of XSS challenges by Filedescriptor. The challenges were really good and if you haven't attempted to solve it, you should definitely try yourself before reading the writeups here.
escape.alf.nu - XSS Challenges writeup
If you haven't seen this already, this is a series of XSS challenges by Erling Ellingsen. The challenges were really good and if you haven't attempted to solve it, you should definitely try yourself before reading the writeups here.
PHP object Injection via Cookie unserialize() - Nuit du hack CTF Web 100 writeup
Reading local files with PHP object Injection via Cookie unserialize() (Nuit du Hack 2016 web 10 writeup)