-
DCTF Quals 2023 - Awesome One
Writeup for the AwesomeOne challenge from the D-CTF Qualifiers 2023. This was very relatively simple reverse engineering.
-
TenableCTF 2023 - PseudoRandom writeup
Writeup for the PseudoRandom challenge from TenableCTF 2023. This was a relatively simple cryptography challenge.
-
TenableCTF 2023 - Cyberpunk Cafe writeup
Writeup for the Cyberpunk Cafe challenge from TenableCTF 2023. This was a relatively simple steganography challenge.
-
HTB Business CTF 2023 - Unveiled writeup
Writeup for the Unveiled challenge from HTB's Business CTF from 2023. This challenge involved exploiting a misconfigured s3 service.
-
HTB Business CTF 2023 - Langmon writeup
Writeup for the Langmon challenge from HTB's Business CTF from 2023. This challenge involved exploiting a wordpress exploit and a langmon exploit.
-
HTB Cyber Apocalypse 2023 - (Web) Orbital
Writeup for the Orbital (Web, Easy) from HTB Cyber Apocalypse 2023. This very simple challenge involved SQL Injection and a path traversal attack.
-
HTB Cyber Apocalypse 2023 - (Forensics) Relic Maps
Writeup for the Relic Maps (Forensics, Medium) from HTB Cyber Apocalypse 2023. This challenge involved deobfuscating some batch scripting and some powershell.
-
HTB Cyber Apocalypse 2023 - (Hardware) HM74
Writeup for the HM74 (Hardware, Medium) from HTB Cyber Apocalypse 2023. Here you can see my janky solution to a challenge that involved error correction codes (Hamming Codes).
-
HTB Cyber Apocalypse 2023 - (Hardware) Secret Code
Writeup for the Secret Code (Hardware, Easy) from HTB Cyber Apocalypse 2023. This is how I used Excel to solve a CTF challenge about seven segment displays :)
-
HTB Cyber Apocalypse 2023 - (Hardware) Debug
Writeup for the Debug (Hardware, Easy) from HTB Cyber Apocalypse 2023. This challenge involved analyzing an UART signal.
-
HTB Cyber Apocalypse 2023 - (Hardware) Timed Transmission
Writeup for the Timed Transmission (Hardware, Very Easy) from HTB Cyber Apocalypse 2023. This very simple challenge involved a capture from a logic analyzer.
-
HTB Cyber Apocalypse 2023 - (Hardware) Critical Flight
Writeup for the Critical Flight (Hardware, Very Easy) from HTB Cyber Apocalypse 2023. This very simple challenge involved some PCB designs.
-
HTB RedPanda writeup
Writeup for HackTheBox.eu's RedPanda machine. Notes on how I obtained the user and root flags.
-
HTB HackTheBoo 2022 - (Forensics) Downgrade
Writeup for the Downgrade challenge (Forensics5/5) from HackTheBoo 2022. This challenge involved analyzing Windows evtx logs and identifying a suspicious login.
-
HTB HackTheBoo 2022 - (Forensics) POOF
Writeup for the POOF challenge (Forensics4/5) from HackTheBoo 2022. This challenge involved performing both network and memory forensics for a host that was infected by ransomware.
-
HTB HackTheBoo 2022 - (Forensics) Halloween Invitation
Writeup for the Halloween Invitation challenge (Forensics3/5) from HackTheBoo 2022. This challenge involved analyzing an infected doc file.
-
HTB HackTheBoo 2022 - (Forensics) Trick of Breach
Writeup for the Trick of Breach challenge (Forensics2/5) from HackTheBoo 2022. This challenge involved analyzing some DNS traffic and reconstructing exfiltrated data.
-
HTB HackTheBoo 2022 - (Forensics) Wrong Spooky Season
Writeup for the Wrong Spooky Season challenge (Forensics1/5) from HackTheBoo 2022. This challenge involved some simple analysis of a pcap file.
-
HTB HackTheBoo 2022 - (Web) Cursed Secret Party writeup
Writeup for the Cursed Secret Party challenge (Web5/5) from HackTheBoo 2022. This challenge involved exploiting a Stored XSS vulnerability and bypassing the CSP.
-
HTB HackTheBoo 2022 - (Web) Juggling Facts writeup
Writeup for the Juggling Facts challenge (Web4/5) from HackTheBoo 2022. This challenge involved exploiting a type juggling vulnerability in a php application.
-
HTB HackTheBoo 2022 - (Web) Horror Feeds writeup
Writeup for the Horror Feeds challenge (Web3/5) from HackTheBoo 2022. This challenge involved exploiting a SQL Injection vulnerability in a Flask application ... with a bit of a twist.
-
HTB HackTheBoo 2022 - (Web) Spookifier writeup
Writeup for the Spookifier (Web2/5) from HackTheBoo 2022. This challenge involved exploiting a template injection vulnerability in a Flask application that used Mako as its templating engine.
-
HTB HackTheBoo 2022 - (Web) Evaluation Deck writeup
Writeup for the Evaluation Deck challenge (Web1/5) from HackTheBoo 2022. This challenge involved exploiting a command injection vulnerability in a Flask application.
-
HTB Business CTF 2022 - Trade writeup
Writeup for the Trade challenge from HTB's Business CTF from 2022. This challenge involved interacting with and exploiting two AWS services (AWS SNS and DynamoDB)
-
HTB Business CTF 2022 - Perseverance writeup
Writeup for the Perseverance challenge from HTB's Business CTF from 2022.
-
HTB Business CTF 2022 - Lina's Invitation writeup
Writeup for the 'Lina's Invitation' challenge from HTB's Business CTF from 2022.
-
HTB Business CTF 2022 - Breakout writeup
Writeup for the Breakout challenge from HTB's Business CTF from 2022.
-
TenableCTF 2022 OSINT Challenges Writeup
Writeups for 3 out of 4 OSINT challenges from TenableCTF 2022
-
TenableCTF 2022 Data Exfil (Forensics) Writeup
Writeups for the "Data Exfil" challenge from TenableCTF 2022
-
TenableCTF 2022 Characters of Shakespeare's Plays Writeup
A short writeup for "Characters of Shakespeare's Plays" (TenableCTF 2022)
-
HTB Paper writeup
Writeup for HackTheBox.eu's Paper machine. Notes on obtaining the user and root flags for this machine.
-
HTB Business CTF 2021 - Rocket writeup
Writeup for the Rocket challenge from HTB's Business CTF from 2021. This was part of their full pwn category which involved getting user and root flags from machines.
-
HTB Business CTF 2021 - BadRansomware writeup
Writeup for the BadRansomware challenge from HTB's Business CTF from 2021. This challenge showcased some techniques used by real malware.
-
HTB Business CTF 2021 - Theta writeup
Writeup for the Theta challenge from HTB's Business CTF from 2021. This challenge involved a unsecured aws Lambda service.
-
HTB Business CTF 2021 - NoteQL writeup
Writeup for the NoteQL challenge from HTB's Business CTF from 2021. The challenge involved an unsecured GraphQL endpoint.
-
HTB Bucket writeup
Writeup for HackTheBox.eu's Bucket machine. Notes on obtaining the user and root flags.
-
TenableCTF 2021 Tenable challenges writeup
This is my writeup for the Tenable challenges that I could solve at TenableCTF 2021 and some of my thoughts on the one that I could not solve..
-
TenableCTF 2021 Netrunner Encryption writeup
This is my writeup for the Netrunner Encryption challenge from TenableCTF 2021. It involves a chosen plaintext attack against AES-ECB-128.
-
HTB Worker writeup
Writeup for HackTheBox.eu's Worker machine. Notes on obtaining the user and root flags and also some failures in trying to get a root shell.
-
HTB Tabby writeup
This is my first attempt at making a writeup for a HackTheBox machine. It contains my notes on how I obtained both the user and root flag on the Tabby machine.
-
De1CTF 2019 Mine Sweeping Writeup
This is my writeup for the Mine Sweeping challenge. This challenge was part of De1CTF 2019. The files for this challenge might be still available on ctftime so you can also give it a try if you want. For this challenge we had access to an archive containing a game...
-
De1CTF 2019 SSRF Me Writeup
This is my writeup for the SSRF Me challenge. This challenge was part of De1CTF 2019. We only got an URL that we should access as part of the challenge. Accessing that URL returns some python code.