2017-02-01
Chalmers CTF
Hey, long time since last post, been busy with university and starting Chalmers very first CTF team: Chalmers CTF!! Check out our website for information: https://chalmersctf.se
2016-09-10
SEC-T CTF - Confusion Writeup
This time I participated in the SEC-T CTF event and it was pretty fun! I played with a group of people from my university and we managed to get quite some points. But I didn’t manage to solve some of the challenges on time. However this didn’t …
2016-07-21
Exploiting weak Content Security Policy (CSP) rules for fun and profit
This article is based on my findings during a bug bounty. I was looking for any input bugs which could trigger a XSS but didn’t find any until I tested the file upload functionality. Users had the option to drag&drop images into the …
2016-06-22
Creating SYN flood attacks with Python
Today it’s very easy for people to download tools that overwhelm computer systems (denial of service) in order to take them offline. There are different types of attacks that can be used to create a denial of service attack, one of them is the SYN …
2016-06-12
Monitoring your server with Monit
I run a couple of services on my server, some of them are web, teamspeak, irc and an openvpn server. I need to be notified if any of these services becomes unresponsive for some reason. This is where Monit comes in. What is Monit? Monit is a small Open …
2016-06-08
Securityfest CTF - Defacer Challenge Writeup
I actually learned something entirely new on this challenge, I decided I had to do a writeup to share my findings. If you read my previous Securityfest CTF writeup you perhaps know that these challenges were from securityfest held in Sweden, which I …