Writeup for Analog Nostalgia from 0xFun CTF 2026. An easy forensic challenge involving extracting an image from a VGA raw signal capture.
Writeup for Bank Heist from BITSCTF 2026. A hard blockchain challenge exploiting missing program_id checks in CPI verification.
Writeup for SafePaste from BITSCTF 2026. A hard web challenge escaping DOMPurify via server-side mXSS and String.prototype.replace() template injection.
Writeup for Super DES from BITSCTF 2026. An easy crypto challenge involving a triple DES implementation vulnerability.
Writeup for #808080 from EHAX CTF 2026. A miscellanious challenge requiring generation of a 5-bit Gray Code sequence to decode a custom Caesar cipher.
Writeup for Chusembly from EHAX CTF 2026. A miscellanious challenge involving sandbox escape and arbitrary Python code execution via an unrestricted custom assembly interpreter.
Writeup for Epstein Files from EHAX CTF 2026. A web challenge involving bypassing an AI model accuracy check by brute-forcing predictions and spoofing X-Forwarded-For to bypass rate limits.
Writeup for Breathing Void from EHAX CTF 2026. A miscellanious forensics challenge involving isolating covert timing channels from huge pcap noise.
Writeup for Flight Risk from EHAX CTF 2026. A web challenge demonstrating React Flight deserialization (react2shell) and bypassing a WAF for RCE on a Next.js application.
Writeup for Kaje from EHAX CTF 2026. A reverse engineering challenge involving analyzing an ELF64 binary to understand its custom MurmurHash3-based PRNG keystream, and exploiting the environment-based seed branching.
Writeup for Quantum Message from EHAX CTF 2026. A forensic audio challenge analyzing high-speed custom DTMF-style symbol transmission and extracting the encoded decimal streams.
Writeup for tictactoe from EHAX CTF 2026. A web challenge that involves exploiting server-side trust by bypassing dimension checks in a classic 3x3 game API.
Writeup for Append Note from LA CTF 2026. A Web challenge involving Reflected XSS, Prefix Oracle, and CORS misconfiguration.
Writeup for Blogler from LA CTF 2026. A Web challenge involving YAML anchor aliasing and post-validation mutation.
Writeup for Bobles and Narnes from LA CTF 2026. A Web challenge involving Bun SQL bulk insert injection and type confusion.
Writeup for Clawcha from LA CTF 2026. A Web challenge involving cookie-parser deserialization and identity confusion.
Writeup for Glotq from LA CTF 2026. A Web challenge involving Go JSON vs YAML parser differentials.
Writeup for Narnes and Bobles from LA CTF 2026. A Web challenge involving JavaScript type coercion and string concatenation vulnerability.
Writeup for Invoice Generator from LA CTF 2026. A Web challenge involving PDF generation and SSRF via XSS.
Writeup for The Clock from LA CTF 2026. A Crypto challenge involving Diffie-Hellman over a clock group and Pohlig-Hellman attack.
Writeup for Pasty from Nullcon HackIM CTF 2026. A Crypto/Web challenge involving XOR-based signature forgery.
Writeup for Meowy from Nullcon HackIM CTF 2026. A Web challenge involving Flask session forgery, SSRF, and Werkzeug PIN RCE.
Writeup for Web 2 Doc 2 from Nullcon HackIM CTF 2026. A Web challenge involving WeasyPrint LFI via PDF attachments.
Writeup for WordPress Static Site Generator from Nullcon HackIM CTF 2026. A Web challenge involving Pongo2 SSTI via Path Traversal.
Writeup for The World from Daily Alpacahack 2026. A Bash challenge involving arithmetic expansion injection.
Writeup for Inu Profile from Daily Alpacahack 2026 B-SIDE. A Web challenge involving Prototype Pollution in Node.js.
Writeup for Now You See Me from Eschaton 2026 Quals. A Web challenge involving JavaScript obfuscation and deobfuscation.
Writeup for PixelPerfect from MetaCTF January 2026. A Web challenge involving Ruby Code Injection via instance_eval.
Writeup for JShit from PascalCTF 2026. A Web challenge involving JSFuck obfuscation.
Writeup for Keep Scripting from PascalCTF 2026. A Misc challenge involving KTANE simulation and networking.
Writeup for PDFile from PascalCTF 2026. A Web challenge involving XXE via XML Parser Misconfiguration.
Writeup for SurgoCompany from PascalCTF 2026. A Misc challenge involving Python RCE via email attachment and Roundcube automation.
Writeup for Travel Playlist from PascalCTF 2026. A Web challenge involving Path Traversal.
Writeup for ZazaStore from PascalCTF 2026. A Web challenge involving Type Confusion and Logic Flaw.
Writeup for Linear Coffee Generator from Daily Alpacahack 2026 #29. A Crypto challenge involving LCG parameter recovery.
Writeup for No JS from Daily Alpacahack 2026 #28. A Hard Web challenge involving CSP bypass using Dangling Markup.
Writeup for Stateless Auth from Daily Alpacahack 2026 #25. A Medium Web challenge involving Flask, Information Disclosure of JWT secrets, and Token Forgery.
Writeup for ToyPQC from Daily Alpacahack 2026 #27. A Hard Crypto challenge involving LWE with small error space vulnerable to brute-force.
Detailed writeup for the 4llD4y challenge from 0xL4ugh CTF V5. A Medium Web challenge involving Prototype Pollution (CVE-2023-26135), happy-dom configuration override, and VM sandbox escape.
Writeup for the HashCashSlash challenge from 0xL4ugh CTF V5. A Medium Misc challenge involving restricted shell escape and local privilege escalation via hidden socat service.
Writeup for the Invisible Ink challenge from 0xL4ugh CTF V5. An Easy Misc challenge involving stegonography using Unicode Tag Characters, Zlib decompression, and Ascii85 decoding.
Writeup for the SpiralFloat challenge from 0xL4ugh CTF V5. A Hard Crypto challenge involving chaotic map inversion using Interval Arithmetic and Depth-First Search (DFS).
A detailed writeup for the House of Illusions challenge from 0xL4ugh CTF V5. A Hard Blockchain/Smart Contract Security challenge involving proxy patterns, ABI encoding exploits, and compiler differences.
Penetration test report for the CodePartTwo machine on Hack The Box. Exploiting a critical PySandbox escape in js2py and leveraging a config race condition for privilege escalation.
Penetration test report for the Conversor machine on Hack The Box. A Linux target involving arbitrary file write, cron job exploitation, and sudo privilege escalation.
Penetration test report for the Expressway machine on Hack The Box. A Linux target involving IKE Aggressive Mode PSK cracking and Sudo hostname spoofing for privilege escalation.
Blockchain challenge involving address collision attack against a Rust-based rollup node using Ed25519 signatures and Blake3 hashing.
Pwn/Concurrency challenge involving a TOCTOU race condition where input pipelining is used to beat a 1ms thread timer.
Web/Network challenge exploiting eBPF packet-level inspection with TCP segmentation and HTTP Range headers to bypass keyword filtering.
Forensics challenge involving PCAP analysis, malware reverse engineering, and XOR decryption to recover exfiltrated files
Crypto challenge involving Mersenne Twister (MT19937) state recovery (untempering) to predict future dice rolls.
Crypto challenge involving a custom nonlinear filter generator (LFSR) broken via algebraic attack using Z3 solver.
A trilogy of Web Security challenges focusing on WAF bypasses, SQL Injection chains, and SSTI to achieve RCE without using quotes or periods.
Web Security challenge involving XSS, session hijacking, and magic link abuse to steal admin cookies
