Tag: ctf

• Defhawk CTF Writeup – NextJS Middleware Bypass

  In this article, I will walk you through a CTF that simulates the NextJS middleware bypass vulnerability described in CVE-2025-29927. I will also discuss a simple Python POC that Google Gemini wrote for me. This helped me understand the vulnerability and find the flag. CTF Description https://defhawk.com/battleground/raid/appliedoffsecandwebsecurity/fakeestate The CTF link provides the following description: “You…

  raghavan

  April 14, 2026

  ctf, ethical hacking, javascript

  crac, ctf, cve, CVE-2025-29927, defhawk, python, writeup

• DefhawkCTF Writeup – THE LABS INTERNAL BREACH

  In this article, I will walk you through how i solved this CTF. The CTF is described as follows: An internal reconnaissance phase has revealed that Internal Industrial System is running a legacy support portal for its OT (Operational Technology) engineers. While the portal isn’t directly exposed to the public internet via its IP, we suspect…

  raghavan

  March 30, 2026

  ctf, ctf, cybersecurity, ethical hacking, Uncategorized

  crac, ctf, ethical hacking, writeup

• Defhawk CTF Writeup – Multiple XSS

  In this writeup, i will walk you through a 3-level XSS CTF, available at the following link https://defhawk.com/battleground/raid/applied-off-sec-and-web-security/multiple-xss. The goal of these challenges is to trigger a pop up that says “defhawk” by bypassing the filters at that level. Click on Play Challenge to launch the web page with the challenge. Level 1 Click on…

  raghavan

  March 28, 2026

  cybersecurity, ethical hacking, Uncategorized

  crac, ctf, web-security, writeup, xss