Huli's blog
Archive
Categories
About
中文
Categories
Security (17)
Security
2023-01-23
Intigriti 0123 Challenge Writeup - Second Order MongoDB JS Injection
2022-10-05
SekaiCTF 2022 - safelist writeup
2022-09-01
Who pollutes your prototype? Find the libs on cdnjs in an automated way
2022-08-29
Intigriti 0822 XSS Challenge Author Writeup
2022-08-21
corCTF 2022 writeup - modernblog
2022-07-11
Insecure Deserialization in JavaScript: GoogleCTF 2022 Web/HORKOS Writeup
2022-06-14
justCTF 2022 - Baby XSLeak Write-up
2022-05-05
ångstromCTF 2022 Writeup
2022-05-02
Revenge of Intigriti 0422 Challenge Author Writeup
2022-04-25
Intigriti 0422 XSS Challenge Author Writeup
2022-04-24
How much do you know about script type?
2022-04-14
The Magical Features of RegExp and String Replacement in JavaScript
2022-04-13
Notes XSS Challenge Author Writeup
2022-04-06
SSRF and Account Takeover via XSS in ERPNext
2022-03-30
Sensitive Data Disclosure in WordPress Plugin Amelia < 1.0.49
2022-02-14
Intigriti 0222 XSS Challenge Author Writeup
2022-02-08
Story of critical security flaws I found in Glints