My personal website. Here you can read the blog, find links, and more.| jorianwoltjer.com
A surprising RCE challenge instead of XSS, created by @ToG. I took an unintended approach involving the Preferences file and a chromedriver CSRF RCE issue, a must-know for CTF authors.| Blog | Jorian Woltjer
Disabling password authentication of your OBS WebSocket server can have devastating consequences. We'll attack from the browser to construct an RCE payload on Windows formed from the pixels of an image, a polyglot.| Blog | Jorian Woltjer
Combing a lot of browser tricks to create a realistic Proof of Concept for the Double-Clickjacking attack. Moving a real popunder with your mouse cursor and triggering it right as you're trying to beat your Flappy Bird high score.| Blog | Jorian Woltjer
A challenge by @joaxcar with a small but complex XSS chain, hitting DOM Clobbering with a race condition and abusing a cool URL parsing quirk in JavaScript.| Blog | Jorian Woltjer
A hard Cross-Site Scripting challenge chaining small bugs with one very hard step to leak a fragment directive using Self XSS| Blog | Jorian Woltjer
A fun story about discovering my site was vulnerable to Cache Deception, allowing the visit of a link by me to leak all hidden blog posts to an attacker, thanks to URL-decoding and Path Traversals to confuse cache rules| Blog | Jorian Woltjer
The solution to my small XSS challenge, explaining a new kind of CSP bypass with browser-cached nonces. Leak it with CSS and learn about Disk Cache to safely update your payload| jorianwoltjer.com