Ankur Sundara

ctf

SekaiCTF'24 htmlsandbox - Author Writeup

HTML parsing differentials are fun!

research

Cookie Bugs - Smuggling & Injection

Research on how browsers encode & send cookies, how they are parsed by various web frameworks, and some bugs

ctf

SECCON CTF 2022 Finals

Winning SECCON Finals, writeups, and some Tokyo pictures.

ctf

DiceCTF 2023 writeups

writeups for the challenges I wrote for dicectf 2023

research

Overlong Sec-Required-CSP header: CVE-2021-37989

abusing long http headers for cache probing

research

The Closed Shadow DOM

a bit of research on security of the shadow DOM

ctf

Hosting a CTF - UIUCTF'21 Overview + Infra

Thoughts on running UIUCTF21, competition decisions, and infrastructure writeup