Web Security Academy : Going deep on OAuth labs and a beautiful unintended solution

web security, portswigger, oauth, openid

PHP : Winning the race against PHP (alternative way to easy_php @ N1CTF2018)

php, web security, ctf, race condition, exploit, md5, hash collision, c1ctf2018

SHX16 : web100-help_me

web security, shx16, SQLite, sql injection

SHX13 : web300-restricted_area

web security, php, shx13, PDOException, database control, login bypass

SHX10 : web200-read_my_email

shx10, web security, django, code leak, debug, stream cipher, ctf

CryptoRave 2017: web200-bugpress

web security, cryp70ch4052k17, cryptorave 2017, phpmailer, wordpress, 0day, ctf

SHX8 : web200-freelyrics

shx8, bruteforce, nozzlr, wordpress, web security, ctf

Nuit du Hack quals 2017 : web100-slumdog_millionaire

python, programming, ndhquals2k17, web security, ctf

BSides SF 2017 : Zumbo 1 2 and 3

bsidessf2017, flask, jinja2, template injection, web security, ctf

Insomini'hack 2017 : web50-smarttomcat

ins17, apache, tomcat, amazon, ec2, web security, ctf

33C3CTF : web200-pay2win

33c3ctf, pwn, web security, ctf

3DSCTF 2016 : web200-mapos

pwn, 3dsctf-2k16, bruteforce, patator, web security, ctf