Articles

• Nullcon HackIM CTF 2023 Web Writeups

  Aug 24, 2023
  Last week, I participated in the Nullcon HackIM CTF 2023 with 1/0 (formerly team zh3r0). We managed to get the 2nd place and solve all challenges in the Web category :) As supposed, I will be writing up the last two Web challenges, which were ranked as the hardest based on the points. Loginbytepass [436 points] Overview: I found this challenge particularly fun considering it included a very fun PHP-specific trick which I always enjoy obviously.

• Taking Over an Entire Organization - A Journey Through Multiple Bugs [Collab W/@Hacktus]

  Jun 12, 2023

• Intigriti-0722 July XSS Challenge Writeup

  Jul 29, 2022
  The Intigriti July XSS challenge was a great challenge created by antonvroemans which included a quite funny bug de-escalation from an SQL injection to an XSS with a CSP bypass. Leaving that aside, it was a great chance to practice skills in multiple attack vectors and improve. The challenge The challenge rules are the following: The goal is to pop a 0-click XSS inside that domain, who would’ve thought of any other vulnerabilities right?