Home

Navigating the AI Era: Why I Invested in the Burp Suite Certified Practitioner (BSCP) Exactly one month ago, I officially achieved the Burp Suite Certified Practitioner (BSCP) certification. In the…

Executive Summary This write up documents the complete exploitation chain for the "Conversor" machine on HackTheBox. The attack path leverages an XSLT injection vulnerability in a web application…

I'm excited to announce that I've just published AzureSecAnalyzer , a PowerShell based tool that checks the security settings of Azure resources. Whether you're managing a small scale deployment or a…

CTF Report: 2Million https://app.hackthebox.com/machines/TwoMillion Initial Results and Information We started by performing an Nmap scan on the target machine: We have two services running: SSH and…

Link to target Introduction This post details the process of solving the "Smithers" challenge on echoctf.red. Enumeration Phase Nmap Scan I start the reconnaissance with nmap: Web Server on Port…

Link to target Capture the Flag (CTF) Write Up: Soccer.htb Table of Contents 1. Initial Enumeration Nmap Scan Key Findings 2. Enumeration and Exploitation Discovering Tiny File Manager Exploiting…