diff --git a/content-type_bypass/README.md b/content-type_bypass/README.md new file mode 100644 index 0000000..a2cb8f8 --- /dev/null +++ b/content-type_bypass/README.md 
@@ -0,0 +1,42 @@ +# Content-Type Bypass + +## How We Found It +We found this page on the home page, at the bottom there is an Add image button. on this page we can upload a file. +what happens if we try to upload a normal image ? +``` +/tmp/JavaScript-logo.jpg succesfully uploaded. +``` +intresting. the site tells me where the file is uploaded which might not be a good idea. what if I upload a script and somehow manage to make the server execute it. +Let's try to send a random file I have. +``` +Your image was not uploaded. +``` +:( why doesn't it accept my file. is it the extention ? let's try to rename it +``` +/tmp/output.jpg succesfully uploaded. +``` +it is uploaded but I don't get anything. maybe I need to do something else, how would it be executed if it doesn't have the right extention. +let's modify the headers and request content using curl. + +first, we're going to try to upload a file normally using curl with this command : +``` +curl -X POST -F "uploaded=@JavaScript-logo.jpg" -F Upload=Upload "http://192.168.56.101/?page=upload" +``` +it worked, nice now let's try to modify the content-type settings in the `uploaded` field with this command +``` +curl -X POST -F "uploaded=@output.path;type=image/jpeg" -F Upload=Upload "http://192.168.56.101/?page=upload" +``` +it worked and I got the flag. + +## Utility of It +- Allows an attacker to upload and possibly execute malicious files (e.g., scripts or binaries) on the server. +- Can lead to Remote Code Execution (RCE) if the file is interpreted by the server. +- Can expose internal paths or enable path traversal, depending on how uploaded files are handled. +- Dangerous in CTFs and real-world apps alike. + +## How Can We Patch It +- Strictly validate file types server-side, not just by extension or content-type header. +- Use MIME sniffing + magic byte checks to confirm file content matches expected type. +- Rename uploaded files and store them in non-executable directories. 
+- Disallow direct access to uploaded files unless absolutely necessary. +- If uploads are needed, serve them via a proxy or from a CDN that does not allow execution. diff --git a/input_validation/README.md b/input_validation/README.md new file mode 100644 index 0000000..f1b19b4 --- /dev/null +++ b/input_validation/README.md @@ -0,0 +1,19 @@ +# Client side validation bypass + +## How We Found It +On the home page, there is a link to a survey page. this page has a list of subject, an average score and a number of vote. We can give a grade between 0 and 10. +But what if we change in the html page, the value of a score and put something bigger than 10, can we put a grade of 1000 ? +Yes we can, and we get a flag. + +## Utility of It +This allows an attacker to: + - Submit invalid or malicious data (e.g., score > 10). + - Manipulate application logic (e.g., gain unfair advantage or retrieve flags). + - Potentially exploit further vulnerabilities if the data is used insecurely elsewhere (e.g., SQL injection, XSS). + + +## How Can We Patch It + - Validate all input on the server side regardless of client-side checks. + - Enforce boundaries (e.g., score must be between 0 and 10) on the backend. + - Use a schema validation library or built-in mechanisms to reject bad data. + - Never trust client-side data blindly — browsers can be manipulated.
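Review bot: In content-type_bypass/README.md, the "How Can We Patch It" list leans on "MIME sniffing + magic byte checks", but the writeup itself shows why that is not enough on its own: the renamed `output.jpg` was accepted before any header games, and a file can carry a valid image header in front of script content. Suggest stating that the decisive controls are the ones already listed further down (store uploads under a random server-chosen name, in a directory the web server will not execute, and never echo the storage path back as `/tmp/output.jpg succesfully uploaded.` does), and mention re-encoding images through an image library so that anything non-image is discarded. Also, the "Utility of It" bullet "Can expose internal paths or enable path traversal" is not demonstrated in this finding; either drop it or tie it to the path disclosure actually observed. Minor: "succesfully", "intresting" and "extention" are misspelled in the narrative and in the quoted server output.

Review bot: In input_validation/README.md, the "How We Found It" section says the score was changed "in the html page" but not which form field or request parameter carried the value, so a reader cannot reproduce or write a server-side check against it; suggest naming the parameter and showing the request. The "Utility of It" bullet about "SQL injection, XSS" is speculative here since nothing in this finding shows the value reaching a query or a page unescaped; phrase it as a possibility to test rather than an observed impact. In the patch list, "Enforce boundaries (e.g., score must be between 0 and 10)" should also say that the backend must parse the value as an integer and reject non-numeric input, since a range check on an unparsed string will not behave as intended. Minor: "a list of subject" and "a number of vote" should be plural.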