🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

This CTF challenge took me a look of time to implement... Hope that would be interesting. #HKCERTCTF2023

Black Bauhinia at SECCON CTF in a nutshell. We ranked 11 (out of 12), which equivalently entitled 下弦之伍 in the Demon Hunter.

I made 13 challenges for HKCERT CTF 2023 happened last Nov. I finished the three-part writeup after two months of procrastination. The first post includes the easier crypto challenges, where there is "Sign me a Flag (II)", a play on the ambiguity attack. mystiz.hk/posts/2024/202…

I playes TetCTF and solved one crypto challenge, adapt, which required us to create a fake range proof in cosmos/[email protected]. Thanks ndh for the amazing challenge! mystiz.hk/posts/2024/202…

Happy valentine's day! I am really glad to tell that I have been accompanied for three years... by this blog post: wwkenwong.github.io/fuzzing/2021/0… Happy anniversary and when you are going to release part 2 of your blog post, Wwkenwong?

🚀 Exciting News! 🚀 We've just released the first edition of our CTF team's newsletter! 📰 Dive into the security insights. Check it out here: b6a.black/posts/2024-08-… 🔒✨

#HKCERT CTF starts tomorrow! I wrote some challenges this year - and they are guaranteed unoriginal! Register here: platform.ctf.hkcert.org

🚀 Join the HK Cyber Security New Generation CTF Challenge 2024! 🛡️ 🗓️ 8 Nov 10 am - 10 Nov 10 am (UTC +0) (48 hrs) 💰 Win yourselves a chance to attend on-site final competition and elevate your skills! 🔗 Register: platform.ctf.hkcert.org Hack your way to victory! 🏆

Got first place at HKCERT CTF this weekend with my teammates, it's our second year in a row. Look forward to onsite finals in HK next Jan :)

何より印象に残っているのが、Miscカテゴリで出題されたTuning Keyboardシリーズの2問 1問は添付の画像のように怪文書が渡され、もう1問は似た雰囲気の文章がプレースホルダとなっている謎のフォームが与えられる(それを送信すると、謎の「実行結果」が返ってくる)というものだった

The qualification round for HKCERT CTF 2024 is finally over (I am actually ~6 hours late). Congrats to the winners and hope you enjoyed the game! Time to design challenges for finals...

Found a DOMPurify 3.2.3 Bypass on Chinese New Year! Works when `SAFE_FOR_TEMPLATES` is set to true. ensy.zip/posts/dompurif…

Recently participated in x3CTF and LA CTF with Black Bauhinia, here are writeups to some challenges I found quite interesting: x3CTF blogdog(DOMPurify quirk + CSS exfil): ensy.zip/posts/2025-x3c… LA CTF antisocial(.replace XSS + weird cookie manipulation): ensy.zip/posts/2025-lac…

💡PolyU x NuttyShell Cybersecurity CTF 2025 is here! Join this 48-hour cybersecurity marathon on 19 April 2025! One more event for Hong Kong students! 🔥

First proper bug bounty :P Thanks Google VRP (Google Bug Hunters)