README.md

CTF-Writeups

My writeups of various CTFs, security challenges and vulnerability testbeds.

Burp Academy

Burp Academy Labs (all)

SQL injection (SQLi)

XSS

OAuth authentication

XML external entity (XXE) injection

Cross-site request forgery (CSRF)

Access control vulnerabilities

HTTP Host header attacks

SSRF

CORS

OS command injection

Directory traversal

Insecure deserialization

File upload vulnerabilities

Business logic vulnerabilities

WebSockets

Clickjacking

JWT

Pentester Academy

JS for Pentesters

wechall.net

wechall

natas (overthewire.org)

ropemporium.com

32bit binaries

64bit binaries

flaws.cloud

flaws.cloud

hacking-lab.com

Webgoat

Top 10

rozwal.to

my profile

ctf.infosecinstitute.com

ctf.infosecinstitute.com

DVWA (Damn Vulnerable Web Application)

DVWA: low

DVWA: medium

DVWA: hard

exploit-exercises.com

Nebula

0CTF 2016 Quals

Monkey