Writeup for Clawcha from LA CTF 2026. A Web challenge involving cookie-parser deserialization and identity confusion.
Writeup for Inu Profile from Daily Alpacahack 2026 B-SIDE. A Web challenge involving Prototype Pollution in Node.js.
Detailed writeup for the 4llD4y challenge from 0xL4ugh CTF V5. A Medium Web challenge involving Prototype Pollution (CVE-2023-26135), happy-dom configuration override, and VM sandbox escape.
