# 0724: Memo Sharing

| Name                                                                   | Authors                                                                   | Category                      |
| ---------------------------------------------------------------------- | ------------------------------------------------------------------------- | ----------------------------- |
| [Intigriti July Challenge (2024)](https://challenge-0724.intigriti.io) | [a\_l](https://twitter.com/L4ish) + [wubz](https://twitter.com/Wubzwubzz) | XSS, DOM Clobbering, CSP, RPO |

## Challenge Description

> Alert document.domain and win Intigriti swag.

## Useful Resources

* [XSS cheatsheet](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet)
* [Portswigger: DOM clobbering](https://portswigger.net/web-security/dom-based/dom-clobbering)
* [DOM clobbering wiki](https://domclob.xyz/domc_wiki/)
* [CSP evaluator](https://csp-evaluator.withgoogle.com)
* [Relative Path Overwrite](https://support.detectify.com/support/solutions/articles/48001048955-relative-path-overwrite)

## Community Writeups

1. [realansgar](https://realansgar.dev/writeups/intigriti-xss-0724)
2. [stealthcopter](https://sec.stealthcopter.com/intigriti-july-2024-ctf-challenge-memo)
3. [txc](https://sekai.team/blog/intigriti-0724/writeup)
4. [domons](https://github.com/Dom0nS/ctf/blob/main/CTF_writeups/Intigriti%20Monthly%20Challenges/July_XSS_challenge_Intigriti_2024.md)
5. [smickovskid](https://damjan-smickovski.dev/blog/intigriti_challenge_0724_writeup)
6. [303sec](https://303sec.com/2020/07/05/intigriti-xss-challenge-july-2024)
7. [cybersecu](https://gist.github.com/Siss3l/bf197680e7e8b3860ee91d2856c56d91)