Include:
Web Wyrm
@webwyrm
GitHub
Discord: webwyrm#31337
GitHub: https://github.com/webwyrm
Discord: webwyrm#31337
I find SSRF before breakfast and SSTI before lunch.
Competition stats
1
CTF entries
8
Challenge solves
1700
Total points
2
Writeups published
Career stats
2Events Played
1Podium Finishes
1700Career Points
8Career Solves
4Career First Bloods
#2Best Finish
Neon Harbor InvitationalBest Event
ForensicsMost Improved Category
100%Consistency Rating
Performance stats
8Total Solves
1700Total Points
100%Points Share
100%Solve Rate
13.7 hrAverage Solve Time
13.0 hrMedian Solve Time
4First Bloods
8Unique Solves
4Late-Game Solves
Category breakdown
| Category | Solves | Points |
|---|---|---|
| Crypto | 3 | 750 |
| Web | 4 | 750 |
| Forensics | 1 | 200 |
Work role alignment & specialty area coverage
Derived from NICE TKSAs mapped to solved challenges.
PROTECTION and DEFENSE
31%
DESIGN and DEVELOPMENT
30%
OVERSIGHT and GOVERNANCE
23%
IMPLEMENTATION and OPERATION
11%
INVESTIGATION
5%
PROTECTION and DEFENSE 6 roles · 52 challenge hits 31%
DESIGN and DEVELOPMENT 6 roles · 49 challenge hits 30%
OVERSIGHT and GOVERNANCE 6 roles · 39 challenge hits 23%
IMPLEMENTATION and OPERATION 4 roles · 18 challenge hits 11%
INVESTIGATION 1 role · 8 challenge hits 5%
NICE/NIST framework skills
| Code | Title | Type | Solves | Points |
|---|---|---|---|---|
| K0942 | Knowledge of cryptology principles and practices | Knowledge | 3 | 750 |
| K0875 | Knowledge of symmetric encryption principles and practices | Knowledge | 3 | 750 |
| K0697 | Knowledge of encryption algorithm capabilities and applications | Knowledge | 3 | 750 |
| K0018 | Knowledge of encryption algorithms | Knowledge | 3 | 750 |
| T1370 | Collect intrusion artifacts | Task | 1 | 200 |
| T1323 | Analyze network traffic associated with malicious activities | Task | 1 | 200 |
| T1103 | Analyze intrusions | Task | 1 | 200 |
| K0725 | Knowledge of incident response tools and techniques | Knowledge | 1 | 200 |
| K0724 | Knowledge of incident response principles and practices | Knowledge | 1 | 200 |
| K0984 | Knowledge of web security principles and practices | Knowledge | 4 | 750 |
| K0956 | Knowledge of penetration testing tools and techniques | Knowledge | 1 | 250 |
| K0782 | Knowledge of web service protocols | Knowledge | 2 | 500 |
| K0688 | Knowledge of common application vulnerabilities | Knowledge | 4 | 750 |
| K0470 | Knowledge of Internet and routing protocols | Knowledge | 2 | 500 |
| T1091 | Perform authorized penetration testing on enterprise network assets | Task | 3 | 500 |
| K0955 | Knowledge of penetration testing principles and practices | Knowledge | 2 | 250 |
| K0698 | Knowledge of cryptographic key management principles and practices | Knowledge | 1 | 300 |
Published writeups
Cookie Monster — Privilege Escalation via Unsigned Role Claim
Red Wire CTF 2025
· Cookie Monster
The session cookie carried an unverified role field the server trusted blindly. One request, admin access. · 3 votes
Session Mirage — Quick Notes (Neon Harbor, live)
Neon Harbor Invitational
· Session Mirage
Notes while the event is running. Full writeup after close. Same class of bug as Cookie Monster from Red Wire. · 1 vote