i joined in justctf 2025 to solve web challs, there were 7 web challs and i aimed to solve Simple Tasks and Positive Players. However Simple Tasks was really difficult that i couldn’t even approach...

Summary input[name=flag][value^=a]{ background: url('https://evm.pics/a'); } input[name=flag][value^=b]{ background: url('https://evm.pics/b'); } /* ... */ In most cases, when exploiting ...

Hi guys, i wanna introduce a way to earn $10k bounty on an open-source projects. a month ago, i reported a bug in the ML Framework. and the bug i found was not critical so i needed to find a way to...

Summary In summary, I found a Self-ReDoS vulnerability in the issue feature of github.com and reported it to HackerOne. Analysis function onPaste$1(event) { const { currentTarget: el } = eve...

(Web) Baby Simple Gocurl (Web) Adult Simple Gocurl These two challenges require reading flag in the /flag/ path via SSRF. (Web) Baby Simple Gocurl n.startsWith("https://") || n.startsWit...