Kacper SzurekTagsPolishNewsletterAbout
YouTubeWebinaryFacebookTwitter
Kacper Szurek
TagsPolishNewsletterAboutYouTubeWebinaryFacebookTwitter

Ctf

Confidence Dragonsector CTF - Zippy Web 300 Writeup

Solution for Zippy task from Confidence Dragonsector CTF.

12-03-2020

3 MIN READ

Ctf

SharifCTF 7 Web Writeup

Bypassing XSS auditor.

18-12-2016

5 MIN READ

Ctf

QiwiCTF 2016 Web Writeup

There is SQL Injection in Cookie.

18-11-2016

2 MIN READ

Ctf

BlazeCTF 2016 Postboard Writeup

Exploit cPickle.loads which deserialize object from untrusted user input session['auth'] inside verifySession() function.

24-04-2016

4 MIN READ

Ctf

CONFidence DS CTF 2016 RoflScale Writeup

Bypass Python urlparse function

15-04-2016

2 MIN READ

Ctf

Pwn2Win CTF 2016 Facebug Writeup

Exploit Mako Templates for Python.

30-03-2016

1 MIN READ

Ctf

0CTF 2016 GuestBook 1 Writeup

Use XSS Auditor for XSS bypass

14-03-2016

3 MIN READ

Ctf

Boston Key Party CTF 2016 Good Morning and OptiProxy Writeup

SQL Injection because of shift-jis encoding.

07-03-2016

2 MIN READ

From 0 to pentesting hero

Client Side Template Injection

Retrieving parameters from the user and later displaying them on the website always carries risk of XSS attack. But can you perform such attack without using the HTML tag?

21-03-2019

3 MIN READ

© 2025 Kacper Szurek
Disclosure Policy
YouTube
Facebook
Twitter