<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>Kyrux Labs</title><description>Cybersecurity research notes and CTF write-ups by Kyrux</description><link>https://kyrux.xyz/</link><item><title>[CTF] A Massive Problem</title><link>https://kyrux.xyz/ctf/ctf-cit-2026/web-a-massive-problem/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/ctf-cit-2026/web-a-massive-problem/</guid><description>CTF@CIT 2026</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Debug Disaster</title><link>https://kyrux.xyz/ctf/ctf-cit-2026/web-debug-disaster/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/ctf-cit-2026/web-debug-disaster/</guid><description>CTF@CIT 2026</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Intern Portal</title><link>https://kyrux.xyz/ctf/ctf-cit-2026/web-intern-portal/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/ctf-cit-2026/web-intern-portal/</guid><description>CTF@CIT 2026</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] ArtificialUniversity</title><link>https://kyrux.xyz/ctf/hackthebox/web-artificialuniversity/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-artificialuniversity/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] BatchCraft Potions</title><link>https://kyrux.xyz/ctf/hackthebox/web-batchcraft-potions/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-batchcraft-potions/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] C.O.P</title><link>https://kyrux.xyz/ctf/hackthebox/web-c-o-p/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-c-o-p/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Dusty Alleys</title><link>https://kyrux.xyz/ctf/hackthebox/web-dusty-alleys/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-dusty-alleys/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] NextPath</title><link>https://kyrux.xyz/ctf/hackthebox/web-nextpath/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-nextpath/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Resizer</title><link>https://kyrux.xyz/ctf/hackthebox/web-resizer/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-resizer/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Spookifier</title><link>https://kyrux.xyz/ctf/hackthebox/web-spookifier/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-spookifier/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] TorandoService</title><link>https://kyrux.xyz/ctf/hackthebox/web-torandoservice/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/hackthebox/web-torandoservice/</guid><description>HackTheBox</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] bad_apple</title><link>https://kyrux.xyz/ctf/tamuctf-2026/web-bad-apple/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/tamuctf-2026/web-bad-apple/</guid><description>TAMUCTF</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Broken Website</title><link>https://kyrux.xyz/ctf/tamuctf-2026/web-broken-website/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/tamuctf-2026/web-broken-website/</guid><description>TAMUCTF</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Brick by Brick</title><link>https://kyrux.xyz/ctf/umassctf-2026/web-brick-by-brick/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/umassctf-2026/web-brick-by-brick/</guid><description>UMassCTF 2026</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] BrOWSER BOSS FIGHT</title><link>https://kyrux.xyz/ctf/umassctf-2026/web-browser-boss-fight/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/umassctf-2026/web-browser-boss-fight/</guid><description>UMassCTF 2026</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] The Block City Times</title><link>https://kyrux.xyz/ctf/umassctf-2026/web-the-block-city-times/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/umassctf-2026/web-the-block-city-times/</guid><description>UMassCTF 2026</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Turncoat&apos;s Treasure</title><link>https://kyrux.xyz/ctf/umassctf-2026/web-turncoat-s-treasure/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/umassctf-2026/web-turncoat-s-treasure/</guid><description>UMassCTF 2026</description><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>0.1 - DNS Basic</title><link>https://kyrux.xyz/blog/0-1-dns-basic/</link><guid isPermaLink="true">https://kyrux.xyz/blog/0-1-dns-basic/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>0.2- HTTP Basics</title><link>https://kyrux.xyz/blog/02-http-basics/</link><guid isPermaLink="true">https://kyrux.xyz/blog/02-http-basics/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>0.3 - HTML &amp; JS for Pentesters</title><link>https://kyrux.xyz/blog/03-html-and-js-for-pentesters/</link><guid isPermaLink="true">https://kyrux.xyz/blog/03-html-and-js-for-pentesters/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>1.1 - Basic command</title><link>https://kyrux.xyz/blog/11-basic-command/</link><guid isPermaLink="true">https://kyrux.xyz/blog/11-basic-command/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>2.1 - SQL injection</title><link>https://kyrux.xyz/blog/21-sql-injection/</link><guid isPermaLink="true">https://kyrux.xyz/blog/21-sql-injection/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>2.2 - OS command injection</title><link>https://kyrux.xyz/blog/22-os-command-injection/</link><guid isPermaLink="true">https://kyrux.xyz/blog/22-os-command-injection/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>3.1 - Access control vulnerabilities and privilege escalation</title><link>https://kyrux.xyz/blog/31-access-control-vulnerabilities-and-privilege-escalation/</link><guid isPermaLink="true">https://kyrux.xyz/blog/31-access-control-vulnerabilities-and-privilege-escalation/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>3.2 - Insecure direct object references (IDOR)</title><link>https://kyrux.xyz/blog/32-insecure-direct-object-references-idor/</link><guid isPermaLink="true">https://kyrux.xyz/blog/32-insecure-direct-object-references-idor/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>4.1 - Authentication vulnerabilities</title><link>https://kyrux.xyz/blog/41-authentication-vulnerabilities/</link><guid isPermaLink="true">https://kyrux.xyz/blog/41-authentication-vulnerabilities/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>5.1 - Cross-site scripting (XSS)</title><link>https://kyrux.xyz/blog/51-cross-site-scripting-xss/</link><guid isPermaLink="true">https://kyrux.xyz/blog/51-cross-site-scripting-xss/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>5.2 - Reflected XSS</title><link>https://kyrux.xyz/blog/52-reflected-xss/</link><guid isPermaLink="true">https://kyrux.xyz/blog/52-reflected-xss/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>5.3 - Stored XSS</title><link>https://kyrux.xyz/blog/53-stored-xss/</link><guid isPermaLink="true">https://kyrux.xyz/blog/53-stored-xss/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>5.5 - DOM-based XSS</title><link>https://kyrux.xyz/blog/55-dom-based-xss/</link><guid isPermaLink="true">https://kyrux.xyz/blog/55-dom-based-xss/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>6.1 - Path Traversal</title><link>https://kyrux.xyz/blog/61-path-traversal/</link><guid isPermaLink="true">https://kyrux.xyz/blog/61-path-traversal/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>6.2 - File Upload</title><link>https://kyrux.xyz/blog/62-file-upload/</link><guid isPermaLink="true">https://kyrux.xyz/blog/62-file-upload/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>7.1 - Race condition</title><link>https://kyrux.xyz/blog/71-race-condition/</link><guid isPermaLink="true">https://kyrux.xyz/blog/71-race-condition/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>8.1 - Insecure deserialization</title><link>https://kyrux.xyz/blog/81-insecure-deserialization/</link><guid isPermaLink="true">https://kyrux.xyz/blog/81-insecure-deserialization/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>8.2 - Cách khai thác lỗ hổng</title><link>https://kyrux.xyz/blog/82-cach-khai-thac-lo-hong/</link><guid isPermaLink="true">https://kyrux.xyz/blog/82-cach-khai-thac-lo-hong/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>BYPASS giới hạn ký tự trong cmdi</title><link>https://kyrux.xyz/blog/bypass-gioi-han-ky-tu-trong-cmdi/</link><guid isPermaLink="true">https://kyrux.xyz/blog/bypass-gioi-han-ky-tu-trong-cmdi/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>CHEATSHEET CMDI</title><link>https://kyrux.xyz/blog/cheatsheet-cmdi/</link><guid isPermaLink="true">https://kyrux.xyz/blog/cheatsheet-cmdi/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>CHEATSHEET FOR SQLI</title><link>https://kyrux.xyz/blog/cheatsheet-for-sqli/</link><guid isPermaLink="true">https://kyrux.xyz/blog/cheatsheet-for-sqli/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>CHEATSHEET FOR XSS</title><link>https://kyrux.xyz/blog/cheatsheet-for-xss/</link><guid isPermaLink="true">https://kyrux.xyz/blog/cheatsheet-for-xss/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>Note</title><link>https://kyrux.xyz/blog/note/</link><guid isPermaLink="true">https://kyrux.xyz/blog/note/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>Special</title><link>https://kyrux.xyz/blog/special/</link><guid isPermaLink="true">https://kyrux.xyz/blog/special/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>SQLi Quine</title><link>https://kyrux.xyz/blog/sqli-quine/</link><guid isPermaLink="true">https://kyrux.xyz/blog/sqli-quine/</guid><pubDate>Thu, 14 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] cutie web framework</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-cutie-web-framework/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-cutie-web-framework/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Gambling Coin 1</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-gambling-coin-1/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-gambling-coin-1/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Gambling Coin 2</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-gambling-coin-2/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-gambling-coin-2/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Gambling Coin 3</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-gambling-coin-3/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-gambling-coin-3/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Happy Soldier</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-happy-soldier/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-happy-soldier/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Happy Soldier - Revenge</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-happy-soldier-revenge/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-happy-soldier-revenge/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] low-effort sns</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-low-effort-sns/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-low-effort-sns/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Maze Maze Mazeee</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-maze-maze-mazeee/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-maze-maze-mazeee/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] parrot</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-parrot/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-parrot/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Report the violations</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-report-the-violations/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-report-the-violations/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Time Traveler</title><link>https://kyrux.xyz/ctf/bksec-training-2026/web-time-traveler/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/bksec-training-2026/web-time-traveler/</guid><description>BKSEC_training</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Observatory</title><link>https://kyrux.xyz/ctf/sejong-hacktheon-2026/web-observatory/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/sejong-hacktheon-2026/web-observatory/</guid><description>Sejong Hacktheon 2026</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item><item><title>[CTF] Simple-sqli</title><link>https://kyrux.xyz/ctf/sejong-hacktheon-2026/web-simple-sqli/</link><guid isPermaLink="true">https://kyrux.xyz/ctf/sejong-hacktheon-2026/web-simple-sqli/</guid><description>Sejong Hacktheon 2026</description><pubDate>Wed, 13 May 2026 00:00:00 GMT</pubDate></item></channel></rss>