A deep dive into the OAuth and JWT manipulation techniques used in the Oogle and Ooguth CTF challenge, and how scope tampering can lead to uncovering hidden flags.

An in-depth look at the risks of using window postMessage and how improper use can lead to XSS vulnerabilities.

A detailed walkthrough of the Git-Lost CTF challenge, uncovering hidden secrets through repository inspection, encryption, and decoding.