Blog


Search

Recent posts

Thumbnail
WebReversingXSS

Intigriti January XSS Challenge (0124)

Monthly Cross-Site Scripting (XSS) challenge involving DOM Clobbering, Prototype Pollution in Axios, and finding your own gadgets by reverse engineering minified code using Sourcemaps

Thumbnail
WebReversingXSSLFIRCELinuxMobile

AndroCat

Fullpwn machine on a Linux environment with Android APK to reverse engineer and exploit the API through XSS and PDF generation. Then escalate privileges with a SSTI and a NodeJS CVE

Thumbnail
WebScriptingXSSRCE

Phantom Feed

One of my favorite hard web challenges I've done, combining many different small vulnerabilities into a chain that leads to Remote Code Execution by stealing tokens from a bot and using SSTI

Thumbnail
ReversingCryptoGame HackingOSINT

Part 2: The New LiveOverflow Minecraft Hacking Server

Part 2 of the LiveOverflow Minecraft Server series. Search for the new server, crack base coordinates from bedrock formations, and teleport through walls!