Posts tagged with "xss" | kudaliar's blog

BITSCTF 2026 - SafePaste

Writeup for SafePaste from BITSCTF 2026. A hard web challenge escaping DOMPurify via server-side mXSS and String.prototype.replace() template injection.

k kudaliar
March 2, 2026
5 min read

writeup web hard dompurify mxss xss bitsctf
LA CTF 2026 - Append Note

Writeup for Append Note from LA CTF 2026. A Web challenge involving Reflected XSS, Prefix Oracle, and CORS misconfiguration.

k kudaliar
February 9, 2026
7 min read

writeup web xss xs-leaks prefix-oracle cors lactf
LA CTF 2026 - Invoice Generator

Writeup for Invoice Generator from LA CTF 2026. A Web challenge involving PDF generation and SSRF via XSS.

k kudaliar
February 9, 2026
1 min read

writeup web pdf ssrf xss lactf
UofTCTF 2026 - Personal Blog

Web Security challenge involving XSS, session hijacking, and magic link abuse to steal admin cookies

k kudaliar
January 12, 2026
4 min read

writeup web xss session-hijacking uoftctf 2026