Writeups

Khashayar Contact

$ ls writeups

Writeups

security notes, exploits, CTFs, and things that broke

2026 Feb 22

picoCTF JAuth

Writeup for the picoCTF “JAuth” challenge – authentication bypass analysis.

ctf privilege-escalation jwt

Read ->

2026 Feb 8

picoCTF More SQLi

This writeup covers my solution to picoCTF's More SQLi challenge.

ctf sql injection

Read ->

2026 Feb 8

picoCTF SQLiLite

This writeup covers my solution to picoCTF's SQLiLite challenge.

ctf sql injection

Read ->

2026 Feb 2

picoCTF byp4ss3d

This writeup covers my solution to picoCTF's byp4ss3d challenge.

ctf file-upload rce php apache

Read ->

2026 Feb 1

picoCTF Crack the Gate 2

In this writeup, I solve picoCTF's Crack the Gate 2 challenge by rotating IPs and bypassing rate-limit restriction to perform a dictionary attack.

ctf web-exploitation rate-limiting dictionary-attack x-forwarded-for

Read ->

2026 Jan 31

picoCTF Crack the Gate 1

In this writeup, I solve picoCTF's Crack the Gate 1 challenge by examining the page's HTML source, decrypting the message left by developers and using it to bypass the login page without a password.

ctf web-exploitation authentication-bypass rot13

Read ->

Writeups

picoCTF JAuth

picoCTF More SQLi

picoCTF SQLiLite

picoCTF byp4ss3d

picoCTF Crack the Gate 2

picoCTF Crack the Gate 1

Created with <3 by Khashayar Khosrosourmi.