realansgar

🧑‍💻 finding flags @ FluxFingers
🔏 finding bugs @ Cure53

play challenges publications writeups

Recent Stuff

Sonar — Securing Kotlin Apps With SonarQube: Real-World Examples

July 15, 2025

Sonar — Scripting Outside the Box: API Client Security Risks (2/2)

May 20, 2025

Sonar — Scripting Outside the Box: API Client Security Risks (1/2)

May 13, 2025

Sonar — Diving Into JumpServer: Attacker’s Gateway to Internal Networks (2/2)

March 25, 2025

Sonar — Diving Into JumpServer: Attacker’s Gateway to Internal Networks (1/2)

March 18, 2025

Sonar — Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail

August 27, 2024

Intigriti XSS Challenge July 2024 — Finding a new DOMPurify bug

July 9, 2024

Insomni'hack 2024 — Diving Into JumpServer: The Public Key Unlocking Your Whole Network

April 25, 2024

Sonar — Pitfalls of Desanitization: Leaking Customer Data from osTicket

February 6, 2024

Intigriti XSS Challenge January 2024 — Prototype Pollution in axios leads to XSS

January 16, 2024

Sonar — pfSense Security: Sensing Code Vulnerabilities with SonarCloud

December 11, 2023

Hacklu CTF 2023 — StylePen Writeup

October 24, 2023

Intigriti XSS Challenge July 2022 — SQL Injection leading to XSS

August 1, 2022