Due to being busy lately, I haven’t been participating in CTFs as much in the past two or three months. However, I still come across some interesting challenges on Twitter. Even though I don’t have time to solve them, I still take notes because if I don’t, I won’t be able to solve them later for sure.
This post mainly documents some web front-end related challenges. Since I might not have personally solved them, the content is based on references from others’ notes, with some personal insights added.
- copy paste XSS
- connection pool
- content type UTF16
- Chrome DevTools Protocol
- new headless mode default download
- Scroll to Text Fragment (STTF)
- webVTT cue xsleak
- flask/werkzeug cookie parsing quirks