Skip to content

CTF Writeups & IT Security Blog

Was is Bugninja about?

On I would like to introduce you to topics related to IT security in general.
I’m interested in this quite extensive area of IT for a long time and would like to share my experiences with you.
I’ll try to divide the topics into categories in a way that makes sense. At the beginning the selection is probably quite modest, but I hope that the scope and variety of the content will increase over time and that you will find some interesting articles. I have a lot of ideas about interesting topics and I hope that I will find enough time to write something about all these topics.

I am looking forward to get feedback from you. You can send me your opinion, suggestions for topics and (constructive) criticism. Either via the comment function, the contact form or directly by mail to

At the moment there are entries in the categories:

These are the latest posts:

  • picoCTF Cookies

    In this blogpost I’ll showcase how to solve the picoCTF Cookies challenge. This challenge will be an easy one. All we need is a web browser and because of the fact that hackers are lazy people we’ll use a little python script for automation. reconnaissance First we need to open the link in the challenge…

  • picoCTF Easy Peasy

    Todays challenge called “Easy Peasy” from picoCTF is about breaking an one-time pad encrypted flag. If implemented correctly, a one-time pad encryption is impossible to break without the right key.From the challenge description we get a server address we can connect to via nc and a file with the python code which is running on…

  • Blind SQL Injection

    The third blog post in the SQL Injection series is about Blind SQL Injection. Vulnerabilities susceptible to this type of attack are often harder to find, but the extent of the damage is no less severe for the victim. At this point I would like to refer to the other two articles on SQL injection.…

  • Mind your Ps and Qs

    On this post, we’ll break some RSA Crypto for the Challenge “Mind your Ps and Qs” from picoCTF. The challenge description asks us “In RSA, a small e value can be problematic, but what about N?” So, if you don’t know how RSA works or even what RSA is, let me give you a short…

  • picoCTF Stonks

    Today I want to show you how to solve the “Stonks” challenge on picoCTF. The text for the Challenge says: “I decided to try something noone else has before. I made a bot to automatically trade stonks for me using AI and machine learning. I wouldn’t believe you if you told me it’s unsecure! ”…

Older posts: