Unveiling more attack surface using matching NS records
Discover hidden domains for bug bounty targets by analyzing NS records and using an API to lookup matching domains.
November 24, 2024All Writeups
YesWeHack Dojo 35 - Chatroom
My writeup of the YesWeHack #35 chatroom challenge.
September 21, 2024
Winning NahamCon Pre-CTF 2024!
Just a very short brag. Me and my team SQLKinkjection managed to claim the first spot in the NahamCon Pre-CTF! I'm incredibly proud of this achievement. Thanks for Ben (aka Nahamsec) for creating this awesome event! That's it, thanks!
May 21, 2024
How we turned a challenge against the players and creators - Nahamcon CTF 2023
About the Challenge During the process of deobfuscating the powershell payload from the IR challenge, we noticed that the domain to which all the encrypted files were being sent was not yet claimed. Here's an explanation of how we received hundreds of decryptable files the CTF players sent
March 15, 2024
Wizer CTF - Recipe Book - Alert and Beyond!
My writeup of the Wizer CTF Recipe Book challenge.
February 06, 2024