astronaut
Logbook
Web Security • Research • CTF
Filtered View

Tag: #xss

7 posts

Jun 30, 2026

Filtered Reality

Full-chain CTF writeup for a WordPress and Puppeteer bot challenge involving nonce leakage, DOM clobbering, CSP nonce recovery, RCE, and SHA-256 length extension.

#writeup #wordpress #xss #csp #rce
Sekaictf2026 web hard

Sep 12, 2025

Novacore

#writeup #xss #sqli #rce #csp
HTB web

Aug 28, 2025

OmniWatch

#writeup #xss #sqli #lfi #jwt
HTB web

Jul 14, 2024

Streamcoin

#writeup #xss #jwt #request-smuggling #file-upload
HTB web

Jul 04, 2023

corctf-challenge-dev

#writeup #xss #rce #lfi #csp
Corctf2024 web

Jul 04, 2023

GRAND PRIX HEAVEN

#writeup #xss #csp #file-upload
Googlectf2024 web

Jul 04, 2023

Sagigram+

#writeup #xss #csp #file-upload
TFCCTF2024 web