Blog

Explore my thoughts and insights in the blog posts below, or browse by topics on the categories page.

Showing 101 posts in this blog.

sanitize-html-react Vulnerability

XSS510
Internal testing, or 'blitzing', revealed flaws in the sanitize-html-react library, posing potential security risks. Discover alternatives and solutions.

BlankMediaGames / Town Of Salem XSS

XSS230
Discovered a potential XSS vulnerability in Town of Salem's API endpoint, reported to BlankMediaGames and promptly patched. Read more for technical details!

IOLI Crackme Write-up

Crackmes1490
Explore the IOLI crackme challenges, revealing passwords and detailed analysis for each binary level from 0x00 to 0x09. Get the insights here!

Hackvent 2019: Day 23

Hackvent 2019380
Discover how to retrieve the flag hidden in the Internet Data Archive challenge by exploiting vulnerabilities and cracking passwords.

Hackvent 2019: Day 22

Hackvent 2019260
Help Santa recover a lost command for his sledge in this HV19.22 challenge. Dive into hex sequences and AVR emulators to find the solution!

Hackvent 2019: Day 21

Hackvent 2019130
Join the challenge to recover Santa's flag using cryptographic techniques. Can you break the AES256 encryption and find the hidden flag?

Hackvent 2019: Day 19

Hackvent 2019190
Solve the HV19.19 challenge with Emojicode! Discover how a key emoji unlocks the flag in just 8 minutes. Get the details and solution here!

Hackvent 2019: Day 18

Hackvent 2019170
Crack the Salsa20 cipher and recover the hidden flag in this fun, dance-themed hacking challenge! Discover the key and the flag decoding method.

Hackvent 2019: Day 17

Hackvent 2019471
Crack the Unicode Portal challenge to become an admin and obtain the ultimate gift by exploiting the register functionality. Discover the flag!

Hackvent 2019: Day 16

Hackvent 2019190
Solve the HV19.16 B0rked Calculator challenge by fixing Santa's broken calculator and reveal the hidden flag. Download resources and more.

Hackvent 2019: Day 15

Hackvent 2019220
Join us in exploring the HV19.15 Santa's Workshop challenge. Discover how we decoded complex MQTT messaging services to uncover the hidden flag.

Hackvent 2019: Day 13

Hackvent 2019220
Infiltrate a spy facility and retrieve critical information by exploiting a login portal vulnerability in the HV19.13 TrieMe challenge.

Hackvent 2019: Day 12

Hackvent 2019190
Join the HV19.12 Back to Basic challenge! Learn how to reverse-engineer a file and uncover the hidden flag. Perfect for sharpening your hacking skills.

Hackvent 2019: Day 10

Hackvent 2019150
Discover how to crack the HV19.10 "Guess what" challenge by uncovering obfuscated strings in an ELF binary and retrieving the hidden flag.

Hackvent 2019: Day 9

Hackvent 2019280
Crack Santa's QR code challenge using Rule 30 to reveal the hidden destination path. Follow our step-by-step solution and Python script.

Hackvent 2019: Day 8

Hackvent 2019420
Decode encrypted credit card numbers and uncover the flag in the HV19.08 SmileNcryptor 4.0 challenge. Learn the technique used for decryption.

Hackvent 2019: Hidden 2

Hackvent 2019440
Solve the HV19.H2 Hidden Two challenge by decoding the file name string using base58 to uncover the hidden flag in this Capture The Flag event.

Hackvent 2019: Day 7

Hackvent 2019220
Uncover hidden binary messages in Santa's new sledge gadget. Learn how to decode using video analysis and extract the final flag!

Hackvent 2019: Day 4

Hackvent 2019420
Discover how Santa's new password policy was circumvented by the elves using an AutoHotKey script. Learn the step-by-step solution!

Hackvent 2019: Day 3

Hackvent 2019250
Decode the Hodor programming language challenge and discover the hidden flag using base64. Learn more about this unique esoteric language!

HACKvent 2019: Day 2

Hackvent 2019260
Unlock the secrets of HV19.02 Triangulation with our 3D model challenge! Discover how to extract hidden codes and claim your victory.

HACKvent 2019: Day 1

Hackvent 2019580
Discover the solution to the HV19.01 censored challenge. Unveil hidden binaries in an image to reveal a crisp QR code for the flag!

HACKvent 2016: Day 1

Hackvent 20165370
Santa's email links to the same picture, but hidden redirections reveal a secret. Discover the flag using HTTP headers and redirection checks.

HACKvent 2015: Day 15

Hackvent 20159370
Solve a complex encrypted message using Z3 theorem solver. Discover the hidden phrase and obtain the daily flag in this detailed challenge breakdown.

HACKvent 2015: Day 13

Hackvent 201511200
Uncover the secret hidden in an image using least significant bit steganography and Fourier transform techniques. Discover the fascinating solution!

HACKvent 2015: Day 12

Hackvent 201512950
Optimize and analyze complex C code to solve the Hackvent 2015 Day 12 challenge. Learn step-by-step code simplification for better efficiency.

HACKvent 2015: Day 11

Hackvent 201517150
Unlock the secrets of the IBM 96 Column Punch Card with our in-depth guide. Discover how to decode and solve the HV15 Day 11 challenge.

HACKvent 2015: Day 9

Hackvent 201512950
Recover missing parts of a code transmission using SHA1 hashes and a sound file in this simple challenge. Discover our solution step-by-step.

HACKvent 2015: Day 8

Hackvent 201513680
Solve Hackvent 2015 Day 8 challenge by exploiting PHP loose comparison vulnerability for admin access. Discover the solution and flag details here.

HACKvent 2015: Day 6

Hackvent 20157570
Crack the Base32 encoded string, decode with ASCII85, and apply ROT13 to reveal the flag in this detailed challenge solution.

HACKvent 2015: Day 1

Hackvent 201512440
Decode Santa's hidden message and solve the riddle using a Vigenere Cipher. Discover hidden images and uncover the flag for Hackvent 2015 Day 1.

Finland MSN XSS Vulnerability

XSS1350
The search bar on Finland has a vulnerability that allows XSS attacks due to improper encoding of quotes. Learn more about this issue here.

Mashable XSS Vulnerability

XSS10680
Discover the Mashable subscription script vulnerability that exposes user emails and enables XSS attacks. Learn more about this security flaw.

ABC Mail XSS Vulnerability

XSS12180
The ABC Mail subscription script has a vulnerability that allows XSS attacks due to unsanitized email input. Learn more about this security flaw.

iiNet.net.au XSS Vulnerabilities

XSS5500
Discover two critical XSS vulnerabilities on iiNet's main search and Freezone pages, highlighting major security flaws in the Australian ISP's website.