HackTheBox Puppy Writeup
A walkthrough of the HackTheBox 'Puppy' machine. This write-up covers initial access, privilege escalation, and post-exploitation techniques.
HackTheBox Fluffy Writeup
A walkthrough of the HackTheBox 'Fluffy' machine which is easy rated windows box. This write-up covers initial access, privilege escalation,…
Web Application Race Conditions Vulnerabilities
This note covers race condition vulnerabilities in web applications, where multiple processes or requests are executed simultaneously, leading…
Web Application Information Disclosure
Information disclosure issues often reveal sensitive data such as framework versions, environment variables, source code, or even admin bypass…
Web Application Business Logic Vulnerabilites
Collection of PortSwigger labs demonstrating business logic vulnerabilities in web applications, including flaws in workflow validation,…
Web Application Authentication Vulnerabilites
Comprehensive notes and practical lab walkthroughs on web application authentication vulnerabilities. Covers topics such as username…
CVE-2025-32433-Erlang-OTP-SSH-Unauthenticated-RCE
PoC showing unauthenticated remote code execution in Erlang/OTP SSH server. By exploiting a flaw in SSH protocol message handling, an attacker…