WEB3! Damn Vulnerable DeFi 3.0 Write Up
Resources
Read moreSecurity research notes, writeups, and build logs.
y4y
Notes from exploit development, CTF writeups, and research threads.
Latest posts
25 totalCVE-2021-38001: A Brief Introduction to V8 Inline Cache and Exploitating Type Confusion
Some Background Info
Read moreFrom RPC To RCE: VMWare Log Insight CVE-2022-31704
Preparations
Read moreBrowser Exploitation: A Case Study Of CVE-2020-6507
Motivation
Read moreLog4j Analysis: More JNDI Injection
To be fair, the attack chain is pretty straight forward. I kinda hope all the other vulnerabilities are easy to analyze like this one…
Read moreMy Steps of Reproducing ProxyShell
本文由斗象TCC史辛泽荣誉出品,偷图偷代码还不给署名的我劝你好自为之。
Read moreA research on generating CodeQL database for close-sourced applications
Motivation
Read moreTaking a peek at Ysosreial CommonCollection1 Gadget
Preface
Read moreLearning JNDI Injection From CVE-2021-21985
Intro
Read moreSome SQLite Injection
About this post
Read moreCVE-2021-22986 F5 REST Unauthenticated RCE Analysis
Introduction
Read moreBambooFox CTF 2021 Writeup
Man, I suck.
Read moreTwo easy problems from GrimmCon CTF
Competition Info
Read moreb00t2r00t 2020 CTF Writeup
My team (just me, my teammate is having his final) solved 3 problems in the recent concluded b00t2r00t CTF, the event didn’t have many participants but the challenges are fairl...
Read morePico Mini CTF 2020 Writeup
This will be the write up for 3 out of 5 problems in the recently concluded Picomini CTF 2020. ‘Web Gauntlet’ from Web category, ‘OPT’ from Reverse category, and ‘Guessing Game...
Read moreOverTheWire Natas Write-Up (Part 3)
Introduction
Read moreOverTheWire Natas Write-Up (Part 2)
Introduction
Read moreOverTheWire Natas Write-up (Part 1)
Introduction
Read moreN1CTF: Web Sign-in and Beyond
This will be my solution on the recent concluded N1CTF’s easiest web challenge ‘websign’ which I couldn’t even solve during the competition. I normally wouldn’t bother post a b...
Read moreCSAWCTF 2020 Qualification Round Writeup
widthless (Web)
Read moreFword CTF Writeup
A pretty good CTF event. I only did the easiest problems in web, reverse, bash, and forensic category.
Read morePost Google CTF Reflection
So Google CTF has concluded, and I was reading writeups for web challenges and hoping I can learn something new since I did not put too much time into it. Then I came across th...
Read moreFile Inclusion and Directory Traversal, what files to look at? Linux Edition
Introduction
Read moreHacktivityCon CTF 2020 Writeup.
So I only did some problems, most of then being web challenges. I had to take my OSCP exam so didn’t spend too much time on this CTF. I mean I don’t spend much time on all CTFs...
Read moreRedpwn CTF 2020 - Web Pastebin challenge writeup
The same write should also be up on the Pwnie Island’s teamblog.
Read more