Writeup for Stateless Auth from Daily Alpacahack 2026 #25. A Medium Web challenge involving Flask, Information Disclosure of JWT secrets, and Token Forgery.
Writeup for ToyPQC from Daily Alpacahack 2026 #27. A Hard Crypto challenge involving LWE with small error space vulnerable to brute-force.
Detailed writeup for the 4llD4y challenge from 0xL4ugh CTF V5. A Medium Web challenge involving Prototype Pollution (CVE-2023-26135), happy-dom configuration override, and VM sandbox escape.
