(English) 🚨 2FA Bypass | How Attackers Still Break Multi-Factor Authentication 🔓🔐
Overview of common 2FA bypass techniques, including flawed verification logic, clickjacking on 2FA disable functionality, and response manipulation.
0X-QUANGND
(English) UTCTF 2026 - Cryptography [Fortune Teller | Oblivious Error | Smooth Criminal]
My write-up for the Verilicious medium crypto challenge, where I analyzed information leaks in PKCS#1 v1.5 padding, translated the samples into a Hidden Number Problem (HNP) instance, and leveraged...
(Vietnamese) ATBMHTTT CN04 | PTIT-Lab 2.2 Perform attacks using hping3 [SYN FLOOD]
Bài thực hành mô phỏng tấn công SYN Flood trong môi trường máy ảo bằng hping3, Python Scapy và Wireshark. Các gói TCP SYN với IP spoofing được gửi tới máy victim chạy web server trên port 80, sau đ...
(English) Fetch The Flag 2026 | Write-up - Voidstep [Forensics]
My write-up for the Fetch The Flag 2026 easy forensics challenge Voidstep, where I analyzed a PCAP in Wireshark, identified decoy-host reconnaissance and the real attacker IP, traced enumeration an...
(English) BreizhCTF 2025 | Write-up - AutHentification 2 [Crypto]
My write-up for the BreizhCTF 2025 hard crypto challenge AutHentification 2, where I exploited a custom AES-GCM implementation bug (missing counter increment between encryption and tag generation),...
(English) BreizhCTF 2025 | Write-up - AutHentification 1 [Crypto]
My write-up for the BreizhCTF 2025 medium crypto challenge AutHentification 1, where I analyzed an AES-GCM misuse (fixed key/nonce and missing tag verification), treated it like a reusable stream c...