No results found.
Challenge about discord's global cache used as XS-Leak oracle: "It's party time right now, so could you refrain from discussing any complicated matters?"
This challenge featured CSP bypass using jsdelivr, and small knowledge about Cookie sorting done by the browser.
This challenge was about resume creation and sharing platform that used PHP serialization to transfer resumes between users.
This challenge was about a note app than can create multiple notes! The challenge is to read the hidden note.
This challenge was about an HTML preview service using an iframe. The author hopes the "sandbox" attribute is enough to prevent XSS.
