Dungeon of the Domain Admins

Featured articles

File Upload Vulnerability Tricks and Checklist

Exploiting an XSS for CSRF to SQLi (Helicopter Administrator 247CTF writeup).

Finding vulnerabilities in an open-source CMS.

Researching around SQL Injections in PostgreSQL.

Jinja2 SSTI Research

May
27

File Upload Vulnerability Tricks and Checklist

10 min read
May
21

Method Invocation in Go's builtin template modules lead to file read and RCE.

4 min read
Mar
03

Hackerone x THM CTF Web Hacking Write-Up (Hacker Of The Hill)

13 min read
Jan
30

How a person's name can be vital in a Social Engineering operation.

5 min read
Jan
30

Exploiting an XSS for CSRF to SQLi (Helicopter Administrator 247CTF writeup).

6 min read

Popular tags

Research CTF 247CTF Misc HackTheBox