picoCTF-2019-writeups /Web Exploitation /logon / README.md Points: 100 Category Web Exploitation Problem Statement The factory is hiding things from all of its users. Can you login as logon and find what they've been looking at?https://2019shell1.picoctf.com/problem/49907/(link) orhttp...
RajkumarShanmugam1 / picoCTF_writeups Star 4 Code Issues Pull requests Increase the CTF Knowledge and reduce struggles linux cryptography osint reverse-engineering ctf binary-exploitation stegnography website-exploits Updated Sep 25, 2023 Python Improve this page Add a description, image, and...
Last weekend we participated at secuinside ctf. Mainly there were 7 binary and 7 web challenges besides a few other. All web challenges were really fun and according to the stats SQLgeek was one of the hardest web challenges. For all other web challenges there are already writeups, so here...
Here using OpenSSL, certificate got created in “attacker.crt” which now can be embedded in a JWKS file with “x5c” attribute and the exploitation can be done like this: Command: python3 jwt_tool.py <JWT> -S rs256 -pr private.pem -I -hc x5u -hv "https://attacker.com/custom_x5...
We tried guessing a few flag file names, and grabbed the contents of/etc/passwd,/proc/self/cmdlineand/home/reekee/.bashrc, but none had any clues as to where we could find the flag. So I guess further exploitation is needed. Command Execution ...
Today I want to write a couple of write-ups of a CTF that we have participated with our work colleagues from Exness. As I’m trying to improve in binary exploitation topic I would like to document here some challenges that I’ve found that were interesting. This is the CTF link: https...
ctf-write-ups exploiting forensics generic-methodologies-and-resources linux-hardening linux-unix macos-hardening misc mobile-pentesting network-services-pentesting pentesting-web physical-attacks radio-hacking reversing stego todo welcome windows-hardening .gitignore 1911-pentesting-fox.md 6881-udp-pentesting...
Also, note that in a regular exploitation you will be able to see/download the created pdf, so you will be able to see everything you write via JS (using document.write() for example). But, if you cannot see the created PDF, you will probably need extract the informatio...
pythonflasksecurityhackingctf-writeupsctfpentestcodereviewdvwactf-solutionsctf-challengeseducational-projectwhitebox-testingwebpentest UpdatedJan 23, 2025 JavaScript CyberSec Resources: FRAMEWORKS & STANDARDS; Pentesting Audits & Hacking; PURPLE TEAMING, AD, API, web, clouds, CTF, OSINT, Pentest tools, ...
ctf - CTF (Capture The Flag) writeups, code snippets, notes, scripts. My-CTF-Web-Challenges - collection of CTF Web challenges. MSTG - The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing. Internal-Pentest-Playbook - notes on the most common ...