Posts about writeups from CTFs, HackTheBox walkthroughs, skills assessments, and other security topics.
HTB CodePartTwo walkthrough covering unauthenticated code execution, lateral movement, and root escalation via a misconfigured backup tool.
HTB "Previous" walkthrough covering Next.js middleware auth bypass, LFI for secrets/creds, SSH access, and Terraform provider override for root escalation.
HTB University CTF 2025: Tinsel Trouble recap with performance summary and brief solution writeups for select challenges.
BackdoorCTF 2025 recap with selected crypto, web, and reversing solve writeups.
Linux HTB box walkthrough covering web enumeration, XWiki RCE, credential pivoting, and privilege escalation.
HTB walkthrough from recon through FTP/web enumeration to PHP-based RCE and shell access.
Advanced footprinting lab covering service mapping and credential recovery via TLS, mail protocols, and SNMP.
Internal footprinting lab notes focusing on DNS/SMB enumeration under exploitation constraints.
CTF recap with sandbox-escape writeups covering Python and Rust jail techniques.
HTB API assessment covering JWT auth flaws, broken authorization, reset abuse, and local file read.
PostgreSQL-on-Ubuntu build log for a simple restaurant system, covering schema/relationships and example customer/order/item queries.
HTB skills assessment write-up covering user enumeration, custom wordlisting, and 2FA bypass via redirect manipulation.