Skip to main content

CTF Writeups

CTFs (Capture The Flag) are cybersecurity competitions where participants have to get creative to retrieve secret strings (flags) from systems specifically designed to be attacked. I've posted writeups for some of the CTFs I've participated in, which explain the steps I took to solve each challenge.

CSAW CTF 2024 Qualifiers

Lost Pyramid - A web exploitation challenge involving JWTs and Jinja2 template injection.

LACTF 2025

2Password - A binary exploitation challenge involving format string vulnerabilities.
MCFlagChecker - A reverse engineering challenge involving an obfuscated Minecraft datapack.
Purell - A web exploitation challenge involving HTML sanitization bypasses.

CSAW CTF 2024 Qualifiers
LACTF 2025