Heart Part 7 — dalCTF 2026
Category: WebFlag: dalctf{p1mp_p1mp_h00r4y} Overview A multi-stage web challenge themed around Kendrick Lamar's m.A.A.d city / Kung Fu Kenny lore. The attack chain involved: SQL injection to bypas
Jun 8, 20264 min read
Command Palette
Search for a command to run...
Series
dalctf
My writeups from dalCTF 2026 — covering Web, GeoOSINT, OSINT, Misc, and Rev challenges. Solved: Web (heart), GeoOSINT, Misc, and a Rev challenge.
Iceman - dalCTF 2026
Flag: dalctf2026{open-ticket-send-me-ur-fav-song-in-album6}Category: Web / GraphQL / JWT Overview A music-themed GraphQL API protected by JWT-based tier access control. The goal was to escalate from
Jun 8, 20264 min read5
Weird Movements - dalCTF
Category: Forensics Flag: dalctf{h3h3_i_s2_p41nt} Overview We're given a packet capture. The capture turns out to be a Linux USB HID (mouse) trace — the user held left-click and physically drew the
Jun 8, 20264 min read
Render & Plunder - dalCTF 2026
Challenge: Render & PlunderCategory: Web Security / Defense Challenge Description I wrote a user-profile service with a nice renderer for myself. Surely it's secure, right? Take a look and patch any
Jun 8, 20265 min read