CTF solutions, vulnerability research, and security analysis. Each writeup is a deep dive into real-world attack techniques and defensive strategies.
Easy Linux room covering insecure file upload exploitation, a .phtml PHP bypass, Meterpreter shell access, and privilege escalation through a SUID Python binary.
Critical RCE vulnerability in the n8n workflow automation platform affecting versions 0.211.0 through 1.120.3, allowing authenticated attackers to execute arbitrary system commands via expression injection.
Windows Domain Controller challenge demonstrating RID cycling, password spraying, Kerberoasting, and privilege escalation through computer account compromise and DCSync attacks.
Advanced digital forensics and compromise assessment: a thorough Linux host investigation to identify backdoors, hidden processes, and persistence mechanisms.
In-depth exploration of OWASP Top 10 2025 categories A01, A07, and A09 focusing on failures in the IAAA security model with practical testing methodologies.
Cloud security challenge demonstrating AWS S3 bucket misconfiguration vulnerabilities. Enumerate public bucket contents and retrieve captured credentials.
Comprehensive analysis of Living Off the Land (LOL) techniques leveraging trusted Windows tools for stealthy attacks. GTFOBins, Sysinternals abuse, PowerShell IEX, and WMI event subscriptions.
Linux server hardening challenge covering Redis authentication, SNMP security, SSH cryptographic hardening, service privilege management, and database exposure control.
Comprehensive MITM analysis through network traffic forensics covering ARP spoofing, DNS poisoning, and SSL stripping with Wireshark packet-level analysis.
Exploration of web attacks including XSS, SQLi, and detection methods through log and traffic analysis. Directory fuzzing, brute-force, and WAF strategies.
Exploration of denial-of-service attacks, detection techniques using Splunk log analysis, botnet analysis, traffic pattern identification, and mitigation methods.
Network traffic analysis fundamentals covering DNS tunneling, HTTP traffic inspection, protocol analysis, and packet-level investigations with practical techniques.
IP and domain analysis using open source threat intelligence tools. Domain reconnaissance, IP geolocation, ASN analysis using Shodan, Censys, and RDAP.
File and hash analysis using threat intelligence tools covering malware sample investigation, hash-based identification using VirusTotal, MalwareBazaar, and Hybrid Analysis.
Malware identification and classification covering behavioral characteristics, specific malware families, cryptominers, ransomware, spyware, and technical signatures.
Interactive phishing awareness training through 10 progressively challenging scenarios covering suspicious links, spoofing, domain look-alikes, and social engineering.
Comprehensive tutorial on setting up and using Nessus for professional vulnerability scanning, covering scan templates, configuration, and vulnerability detection.
Comprehensive guide to Rust programming through practical exercises covering fundamentals, memory management, ownership, and building secure applications.
Rick and Morty themed CTF involving web server exploitation, command execution bypass, file system exploration, and privilege escalation to find three flags.
Easy Linux machine demonstrating SweetRice CMS exploitation, web shell access, and privilege escalation through misconfigured sudo permissions.
Boot2root exploitation featuring SSH brute-forcing with Hydra, privilege escalation via misconfigured sudo, and Python script manipulation via GTFOBins.
Apache Tomcat exploitation using Ghostcat vulnerability (CVE-2020-1938), WAR file deployment, and privilege escalation through cron job manipulation.
Lo-fi beats themed CTF featuring Local File Inclusion exploitation through directory traversal, ffuf fuzzing, and sensitive file disclosure including /etc/passwd.