top of page

Search

CSRF SameSite Strict bypass via sibling domain
This lab's live chat feature is vulnerable to cross-site WebSocket hijacking (CSWSH)
BlueDolphin
Mar 16

Exploiting CSRF: Bypassing SameSite Strict with Client-Side Redirects
This lab's change email function is vulnerable to CSRF.
BlueDolphin
Jan 26

Hack the Box - Investigation (Medium)
Engagement Flow Tools used Burpsuite EVTX Parser by omerbenamram WhatWeb Netcat SCP Ghidra Moonwalk Tactics/Techniques File upload abuse...
BlueDolphin
Dec 20, 2024

Server-Side Parameter Pollution (SSPP) Through Query Strings
YouTube Index: Introduction What is Server-Side Parameter Pollution Understanding the Query String in an API Request Example Injecting...
BlueDolphin
Nov 23, 2024

Boss Of The SOC V1 Blue Team Lab
High Level Details: Attacker 1: 40.80.148.42 Attacker 2: 23.22.63.114 CMS: Joomla Site: imnotreallybatman.com Site IP: 192.168.250.70...
BlueDolphin
Aug 14, 2024

DownUnderCTF - Web - Python Prototype Pollution
This challenge demonstrates a classic prototype pollution vulnerability.
BlueDolphin
Jul 7, 2024

UIUCTF 2024 - Fare Evasion
A Classic MD5 SQL Injection Bypass Attack.
BlueDolphin
Jul 2, 2024

US Cyber Games 2024 - Certified
Extract a plain text RSA key from HTTP, format it, save as .key, and import into Wireshark with the correct IP, PORT, and protocol for decr
BlueDolphin
Jun 10, 2024

US Cyber Games 2024 - Ding-O-Tron
Visual Workflow Summary Summary Identifying hidden functions generated dynamically was at the core of this challenge. While the giveFlag...
BlueDolphin
Jun 10, 2024

NahmaCon CTF 2024 - 1337 Malware
Follow along with my YouTube video for an interactive walkthrough. Visual Workflow summary The challenge starts with a provided PCAP file...
BlueDolphin
May 27, 2024

Splunk Incident Handling - Exploitation Detection THM series 2/7
Note - You can view my video writeup below 📺🎬🎥 https://youtu.be/xnjWVL7i7HA 📺🎬🎥 This room covers an incident Handling scenario...
BlueDolphin
May 21, 2024

Hack The Box Machine Write-Up: Codify
Checkout my YouTube Video Writeup https://youtu.be/BbXbbBDW48c Engagement Flow Tools used John Chat GPT Moonwalk Tactics/Techniques...
BlueDolphin
May 6, 2024
bottom of page