Oh wow, another web app interface for command-line tools that already exist! This one seems a little busted, though… — I learnt that the webapp was validating yaml, and so I tried to carry out a ...

Sorry. You know every CTF has to have it. 🤷 After reading the title, I immediately visited the /robots.txt route. The website responded with: Upon seeing the scrollbar on the right, I pressed ...

I found this printer on the network, and it seems to be running… a weird web page… to search for drivers? Submitting the form would send a HTTP GET request to cgi-bin/search.cgi?q= with parameter...

Two factors? In this economy??!! I just logged in using the credentials admin:admin, and then the website prompted me to input a 6-digit one time passcode. After looking around, I noticed ther...

We’ve decided to make this challenge really straight forward. All you have to do is find out the flag! Juuuust make sure not to trip any of the security controls implemented to stop brute forc...

Don’t be shy, show your emotions! Get emotional if you have to! Uncover the flag. As per the source code given, the website was rendering using ejs. I realised the website was vulnerable to SSTI ...

The Arika ransomware group likes to look slick and spiffy with their cool green-on-black terminal style website… but it sounds like they are worried about some security concerns of their own! Upo...

Bennett is software developed by the Department of Computer Science at the University of Manchester to give students an introduction to the Fundamentals of Computer Architecture. For additional in...

After running nmap scan on the target, I got: nmap -A 10.10.194.9 Nmap scan report for 10.10.194.9 Host is up (0.025s latency). Not shown: 997 closed tcp ports (conn-refused) PORT STATE SERVIC...