arxenix's blog

follow: @[email protected]

Posts

SekaiCTF'24 htmlsandbox - Author Writeup

Cookie Bugs - Smuggling & Injection

SECCON CTF 2022 Finals

DiceCTF 2023 writeups

Overlong Sec-Required-CSP header: CVE-2021-37989

The Closed Shadow DOM

Hosting a CTF - UIUCTF'21 Overview + Infra

Detecting uBlock origin via a timing side-channel

PlaidCTF 2021 - wowza - web (350pt)

DragonCTF 2020 - Scratchpad (web)

Showcasing the Importance of Secure Defaults with a PyYAML 0day

CSAW CTF Finals 2019 - easiest crackme - Web (100,300,300 pt)

PlaidCTF 2019 - can you guess me - misc (100pt)

Pwning PHP CTF Challenges