# 0226: InkDrop | Name | Authors | Category | | -------------------------------------------------------------------------- | -------------------------------- | -------------------------- | | [Intigriti February Challenge (2026)](https://challenge-0226.intigriti.io) | [d3dn0v4](https://x.com/d3dn0v4) | CSP Bypass, Blind XSS, XSS | ## Challenge Description > Find a way to capture the flag and win Intigriti swag! 🏆 ## Community Writeups 1. [luq0x](https://medium.com/@luq0x/intigriti-challenge-0226-stored-xss-via-csp-bypass-on-the-inkdrop-platform-750c010a88c4) 2. [zar](https://github.com/Franc-Zar/CTFsWriteups/tree/main/intigriti/february-challenge-0226) 3. [magicsale](https://medium.com/@msfire/csp-bypass-via-jsonp-analyzing-intigritis-inkdrop-challenge-2c75d6feb018) 4. [simba\_5](https://medium.com/@hoosun678/complete-write-up-intigriti-february-challenge-2026-xss-to-rce-via-jsonp-injection-a9790e59f51f) 5. [m0habozaid](https://medium.com/@mohamedabozaid961/intigriti-challenge-0226-write-up-dbf9146dc1f4) 6. [ijhagaurav](https://medium.com/@gauravjha68535/intigriti-feb-2026-cooking-the-csp-with-a-side-of-jsonp-d194f9305fc4) 7. [dr4g0n369](https://gist.github.com/dr4g0n369/14dcbbdccec96760248d72d124411782) 8. [kutaysec](https://hackmd.io/@KutaySec/rJInGJ7uWl) 9. [evilgenius01](https://sujaltuladhar.com.np/blog/Intigriti_February_2026_XSS_Challenge) 10. [marchenaa](https://medium.com/@marchenaa/bypassing-csp-via-jsonp-callback-injection-intigriti-challenge-0226-write-up-d4f0e3061123) 11. [safehacker\_2715](https://medium.com/@safehacker_2715/intigriti-ctf-february-2026-csrf-xss-idor-chain-9850654bd6b9) 12. [whyn0t](https://bountyproofs.com/write-up-intigriti-0226-challenge) 13. [cryptocat](https://cryptocat.me/blog/ctf/monthly/intigriti/inkdrop/) 14. [achraf1337](https://40rbidd3n.medium.com/intigriti-challenge-0226-stored-xss-csp-bypass-a8d65a55631f) 15. [deftik211](https://www.notion.so/Writeup-for-Challenge-0226-30bdb908e22180db9027d409cfd5b3c3?source=copy_link) 16. [r1sky](https://www.notion.so/Intigriti-Challenge-0226-30bdcf24f9d88073918ed6c4bdb960e7) 17. [everything\_blackkk](https://everythingblackkk.gitbook.io/everythingblackkk/ctf/inkdrop-intigriti) 18. [err0n](https://github.com/Er01vkc/write-ups/blob/main/Web/intigriti-challenge-0226/intigriti-challenge-0226/writeup.md) 19. [fjordsec](https://gist.github.com/fjordsec/9898c427663e5324d835ab38cc940f15) 20. [krish\_03](https://medium.com/@krish232003/-1ce556f9f6d4) 21. [mrx0rd](https://hackmd.io/@F3kPQ9vaREWa_nDptG0crA/mrx0rd) 22. [h3ri0s](https://www.notion.so/Intigriti-0226-Writeup-304b5de6fde480119c01c1630f1a496b?source=copy_link) 23. [p0psec](https://hackmd.io/join/note/_ZqRaKsRiS) 24. [ahmedhamed](https://h4cker404.gitbook.io/blog/ctf/intigriti-challenge-0226-from-blocked-alert-to-admin-flag) 25. [r4id\_](https://jorenverheyen.github.io/intigriti-february-2026.html) 26. [cod3rjava](https://medium.com/@cod3rjava/intigriti-xss-challenge-inkdrop-write-up-stored-xss-via-preview-jsonp-callback-e4db4ff49701) 27. [boffman](https://gist.github.com/boffman/19e93c9780009c99a247231a6c37c120) 28. [omkarmagar](https://gist.github.com/omkar7505/c6828888806fe03178d596f241434e06) 29. [juniorbrets](https://medium.com/@cipher01x/%EF%B8%8F-write-up-from-weak-markdown-to-administrative-account-takeover-0d693a99faa8) 30. [roguenull](https://medium.com/@roguenull/intigriti-february-2026-challenge-ctf-write-up-33b7dbc17264)