My writeups and exploits for Capture the Flag cybersecurity competitions. The topics are very varied, but include web, binary, mobile, and cryptography exploitation.
| Writeup | Topic | Summary |
|---|---|---|
| Jankenpon | Android / Cryptography | Reverse engineering an unwinnable Android game to beat the AI. |
| Hacking Toolz | SSRF | Abusing an SSRF vulnerability to obtain Amazon S3 credentials. |
| Deep Web Blog | NoSQL Injection | Exfiltrating hidden information with a NoSQL attack. |
| Hacky Holidays | HackQuest | 12 Day hacking challenge containing many exploits including password bruteforcing, business logic vulnerabilities, SSTI, OSINT, SQLi, SSRF, and DNS rebinding. |
| H1 CTF | HackQuest | Multi day hacking challenge including OSINT, SSRF, Android reverse engineering, and CSS Exfiltration. |