
Breaking Pokémon Go Anti-Cheating System - Part 2
Recall Last we left off, I had successfully built a working Pokémon Scanner, having understood the internals of the Pokémon Go protocol: the app communicates using client-server protobuf remote pr...

Recall Last we left off, I had successfully built a working Pokémon Scanner, having understood the internals of the Pokémon Go protocol: the app communicates using client-server protobuf remote pr...

This year’s AppSec IL 2025 had a CTF accompanying it during the 3 days before the event. I participated alone (hence why my team was “Loner”), and ended up placing 4th! Much better results than I ...

I’m on the final challenge of the CTF! And what a wild ride it has been. But, before celebration begins, there’s still one puzzle left to solve. In this challenge, I got…Nothing? No link, no file...

The second exericse of the last episode features a fun little “Chrome-is-offline” game of the Project Zero team capturing bugs (and avoiding walls, I wonder if there’s an analogy there) at https://...

It’s episode 5, baby! This is the last one on this CTF, and what a road it has been so far! But, there are still (at least) 3 challenges left. First, as I learned the hard way previously, you hav...

Intro(spective) In the past two weeks, right after DEFCON uploaded the videos for this year’s talks, I decided to not procrastinate as I usually do. Instead, I sat down, watched the talks, and mad...

Wrapping up this episode’s challenges, in this one I get a hint: Look around the site to find out how to contribute. This made me remember that, while reviewing the code during the challenge,...

So as described in the previous challenge, I actually solved this one beforehand, and it’s pretty short and sweet. Clicking on the challenge link, it downloads a compressed folder containing an im...

Starting off episode 4, I learned from past mistakes and paid a bit more attention to the video. This time, it covers Google’s bug bounty program - an effort to pay white-hat hackers to catch the v...

Aaaand we’re back to zipped challenges. This time, it’s an image and an apk file. The image is a…QR code? Pretty QR Code It’s one of the cooler-looking ones - QR codes are rubost enough t...