osint ● hard
The Curator's Exit
Solving the OSINT challenge from CTF@CIT 2026 — cracking a password-protected PDF, performing username enumeration, and investigating target profiles across...
OSINT
@babayaga0x01 // CTF@CIT
Read →Published work
Writeups
osint ● hard
Clowns_APT | 0xL4ugh CTF 2026
An OSINT investigation starting from a single ransom image left on a Node.js developer machine. Trace the attacker across all platforms to uncover an attack...
OSINT
@babayaga0x01 // 0xL4ugh CTF
Read →
web ● medium
cat flag.png
Solving the web challenge 'cat flag.png' from Connectors CTF 2025 — exploiting command injection to exfiltrate a hidden flag image via hex-encoded binary data...
Command Injection DNS Exfiltration
@babayaga0x01 // Connectors CTF
Read →
web ● medium
Stylish-Boss
Exploiting CSS injection and command injection to bypass CSP and steal admin API keys, leading to full system compromise in a web challenge.
Command Injection CSS Injection
@babayaga0x01 // CAT Reloaded CTF
Read →