I was tasked to find vulnerabilities within a Java web application. I found XSS, SQLi, CSRF, as well as access control vulnerabilities.
I provide some suggestions as well as a potential detection mechanism.
With some good teamwork, our team WeWantPizza won a CTF held by the university security society. I decided to use my winning prize as a network-wide ad-blocker. … Continue readingPiHole: A DNS Sinkhole