Stickied Posts

Recent Posts


less than 1 minute read

I participated with the NUS Greyhats in this year’s HITBGSEC CTF 2017. It was organised by the HITB Netherlands CTF team and the XCTF League crew. It ran ext...

HITBGSEC CTF 2017 - Pasty (Web)

2 minute read

JSON Web Tokens have no means of authenticating the header and thus can be abused to manipulate the server into verifying a forged signed message with a key ...