Intigriti

Prototype Pollution, reCAPTCHA and XSS - Solution to June '23 Challenge

Exploiting Server-side Parameter Pollution in a Query String

DOM Clobbering, CSPP (axios) and XSS - Unintended Solutions to January '24 Challenge

Intel's 1337UP Knights of Elektron Live Hacking Event Aftermovie

Cheat Engine: Introduction (tutorial 1-4) - Game Hacking Series

Exploiting Time-sensitive Vulnerabilities

Web Shell via Polyglot File Upload!

Proxying Android Traffic through Burp Suite (incl credential fuzzing & IDORs)

SQL Injection to Retrieve Hidden Data!

Introduction to Android Hacking

Cheat Engine: Code Finder (tutorial 5) - Game Hacking Series

SSRF in 100 seconds

Enumerating 100 targets at once! Meg - Hacker Tools

Leveraging Server Side XSS (PDF) for Auth Bypass - "My Music" [INTIGRITI 1337UP LIVE CTF 2023]

Cheat Engine: Code Injection (tutorial 7, part 1) - Game Hacking Series

JWT Authentication Bypass via jku Header Injection

Cheat Engine: Multi-level Pointers (tutorial 8) - Game Hacking Series

Automatic Vulnerability Scanner! Nuclei - Hacker Tools

Blind Command Injection (in a slim docker container) - Solution to July '23 Challenge

Overflows in PHP?! Solution to March '22 XSS Challenge

Cheat Engine: Cheat Table Framework Code (tutorial 7, part 2) - Game Hacking Series

XSSHUNTER by @IAmMandatory (Behind The Tool #2)

List Database Content For Further Exploitation!

Caido - Hacker Tools

Multi-endpoint Race Conditions

Researcher API

Android Root Detection Bypass (Frida Hooking and APK Patching)

Hack EVERY API! KiteRunner - Hacker Tools

JWT Authentication Bypass via jwk Header Injection

JWT Authentication Bypass via Weak Signing Key

Hacking Unity Games with Cheat Engine and dnSpy - "Bug Squash (part 1)" [INTIGRITI 1337UP CTF 2024]

Exploiting Server-side Parameter Pollution in a REST URL

How To Search For CSRF!

Cracking a JWT with MD5_HMAC Algorithm - Marmalade 5 [NahamCon CTF 2023]

How to search for XXE!

What is Directory Traversal?

Bypassing Rate Limits via Race Conditions

How to exploit a blind SSRF?

Web Shell Upload via Obfuscated File Extension

How To Search For SSRF!

Hacking the past! Waybackurls - Hacker Tools

JWT Authentication Bypass via Unverified Signature

XSS via ES6 Reflect API - Solution to May '23 Challenge

JWT Authentication Bypass via kid Header Path Traversal

DOM XSS in jQuery Selector Sink using a Hashchange Event

Web Shell via Denylist Bypass!

SQL injection with Filter Bypass via XML Encoding

Hacker Tools - Ciphey

Out-of-Scope Days 2022 - Intigriti Team Trip

How To Search For DOM-Based XSS!

How File Upload Vulnerabilities Work!