Description Author: 0x999 Find the FLAG and win Intigriti swag! 🏆 The solution: Should work on the latest version of Chromium and FireFox. Should leverage a cross site scripting vulnerabili...

Description Can you steal the flag, even though I’m using the latest version of https://github.com/gotenberg/gotenberg? Individual instances can be started at the link below: https://lab1.kalmarc...

Description Do you like DNS-over-HTTPS? Well, I’m proxying https://dns.google/! Would be cool if you can find an XSS! Report to admin locally: curl http://localhost:8008/report -H "Content-Type: a...

Description To get the flag, you need: the mTLS cert, connecting from localhost, … and break physics? Should be easy! Challenge note: the handout files contains tls internal while the hosted chall...

Description I WANT TO BELIEVE. He can’t be all three. Something doesn’t add up! Author: @HuskyHacks Solution First Look The challenge is a simple PHP application composed of four files: index.ph...

Description Web-LOG? We-BLOG? Webel-OGG? No idea how this one is pronounced. It’s on the web, it’s a log, it’s a web-log, it’s a blog. Just roll with it. Author: @HuskyHacks Solution First Look ...

Description We’ve been working on a little side project - it’s a URL unfurler! Punch in any site you’d like and you’ll get the metadata, main image, the works. We’re publishing it open source soon,...

Challenge 0125 by Godson Description This challenge is part of Intigriti’s monthly challenges. The point of the challenge is to trigger XSS on the given domain with no user interaction required, ...