Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

NahamCon CTF 2023 Web Challenge Walkthroughs - XSS, RCE, and SSTI Techniques

CryptoCat via YouTube

Start learning Write review
Coursera Ad

AI, Data Science & Cloud Certificates from Google, IBM & Meta

Learn More → University of the People Ad

Earn Your Business Degree, Tuition-Free, 100% Online!

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Learn to solve web security challenges from NahamCon CTF 2023 through detailed walkthroughs covering cross-site scripting (XSS), remote code execution via domPDF, data hiding techniques, and server-side template injection with WAF bypass. Master practical cybersecurity skills by following step-by-step demonstrations of four key challenges: exploit XSS vulnerabilities in the Star Wars challenge, execute remote code through ttf/php polyglot files in Stickers, discover hidden data in the Hidden Figures challenge, and bypass web application firewalls using template injection in Obligatory. Access comprehensive write-ups and additional resources including tools like Ghidra, Volatility, PwnTools, and CyberChef to enhance your capture the flag competition skills.

Syllabus

Start
Star Wars XSS
Stickers domPDF RCE via ttf/php polyglot
Hidden Figures Hidden data/embedded files
Obligatory SSTI + WAF
End

Taught by

CryptoCat

Reviews

Start your review of NahamCon CTF 2023 Web Challenge Walkthroughs - XSS, RCE, and SSTI Techniques

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.