Stories and writeups about real-world Hacking from my experience, and guides/tutorials on techniques to learn from. When I find something interesting worth sharing I'll make a post here to tell the story, or when I feel a topic was hard to understand I try to make a clear explanation in a post.
Intigriti XSS Challenge
A collection of all monthly Intigriti XSS challenges that I made writeups of. Learn a lot about Web and Cross-Site Scripting vulnerabilities
Mutation XSS: Explained, CVE and Challenge
Learn how to bypass HTML sanitizers by abusing the intricate parsing rules and mutations. Including my CVE-2024-52595 (lxml_html_clean bypass) and the solution to a hard challenge I shared online
XS-Leaking flags with CSS: A CTFd 0day
Due to an XS-Leak vulnerability I found in CTFd versions 3.7.2 and below, it was possible to leak flags from admins. Using a novel technique abusing browser history and CSS it could be completely automated
Cracking an online Password Encryption tool
How I recovered a friend's password by reverse engineering an online encryption service, and brute forcing a PIN locally. Learn about AES and black-box discovery, as well as some attacks
Part 2: The New LiveOverflow Minecraft Hacking Server
Part 2 of the LiveOverflow Minecraft Server series. Search for the new server, crack base coordinates from bedrock formations, and teleport through walls!
Playing on the LiveOverflow Minecraft Hacking Server
Finding, and then Playing and learning Game Hacking on a Minecraft server made by LiveOverflow's "Minecraft HACKED" series on YouTube. Learn about port scanning quickly, Fabric modding, and general Game Hacking
Getting RCE on a Brute Forcing Assignment
The story and walkthrough of how I got Remote Code Execution on a school assignment meant to teach Brute Forcing
Introduction to Reverse Engineering (with Ghidra)
A very basic introduction to Reverse Engineering using Ghidra. Contains looking at strings, decompiling to C code, and patching instructions.