updates

I've passed the CEH exam

Finally moved my blog to Cloudflare.pages

tutorials

How to create a file for Zip Slip

How to spin up a WordPress site in 5 minutes [LAMP Stack]

How to Set Up Automatic Syncing for Obsidian Using GitHub for Free

How to Set Up Zsh on Debian

How to set up and use tmux (Cheat Sheet)

Save OpenVPN Credentials for Automatic Login

Install and Self-host SysReptor on Kali

OSINT Footprinting Cheat Sheet

How to Set Up AI-Powered Coding on Neovim

How to set up Docker and run Kali on Debian

How to install and set up Debian

How to Set Up Git and Connect to GitHub on Linux

Quick Copy & Paste Techniques for Default vi/vim: Moving Text In and Out During Pentesting

writeups

PortSwigger Academy Lab: CSRF where token validation depends on token being present

PortSwigger Academy Lab: Blind SQL injection with time delays and information retrieval

PortSwigger Academy Lab: HTTP request smuggling, confirming a TE.CL vulnerability via differential responses

PortSwigger Academy Lab: Brute-forcing a stay-logged-in cookie

Portswigger Academy Lab: Reflected DOM XSS

PortSwigger Academy Lab: Inconsistent handling of exceptional input

PortSwigger Academy Lab: Reflected XSS into HTML context with most tags and attributes blocked

PortSwigger Academy Lab: Web cache poisoning with an unkeyed header

PortSwigger Academy Lab: SQL injection with filter bypass via XML encoding

PortSwigger Stored XSS

PortSwigger Academy Lab - DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded

Hack The Box Skills Assessment - SQLMap Essentials

Hack The Box Skills Assessment - File Inclusion

Hacke The Box Skills Assessment - Web Service and API Attacks

Hack the Box Skills Assessment - Login Brute Forcing

Web Attacks - Hack The Box Skills Assessment

Hack the Box Skills Assessment - Session Security

Server Side Attacks - Hack The Box Skills Assessment

HTB - File Upload Attacks - Skills Assessment

PortSwigger Academy Lab: Forced OAuth profile linking

Hack The Box - Skills Assessment: SQL Injection FUndamentals

Hack The Box - Skills Assessment: Command Injections

PortSwigger Lab: Manipulating the WebSocket handshake to exploit vulnerabilities

PortSwigger Lab: Exploiting XXE via image file upload

PortSwigger Lab: Insufficient workflow validation

PortSwigger Lab: Exploiting HTTP request smuggling to deliver reflected XSS

PortSwigger Lab: DOM XSS in `document.write` sink using source `location.search` inside a select element

PortSwigger Lab: Blind OS command injection with output redirection

PortSwigger Lab: Using application functionality to exploit insecure deserialization

PortSwigger Academy Lab: Server-side template injection in an unknown language with a documented exploit

PortSwigger Lab: SSRF with filter bypass via open redirection vulnerability

PortSwigger Lab: File path traversal, traversal sequences stripped non-recursively

PortSwigger Lab: Information disclosure in version control history

PortSwigger Lab: DOM XSS using web messages and a JavaScript URL

PortSwigger Lab: CORS vulnerability with trusted insecure protocols

PortSwigger Lab: Web cache poisoning with multiple headers

PortSwigger Lab: Multi-step process with no access control on one step

PortSwigger Lab: Broken brute-force protection, IP block

PortSwigger Academy Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft

PortSwigger Lab: CSRF where token validation depends on request method

PortSwigger Academy Lab: OAuth account hijacking via redirect_uri

PortSwigger Lab: Web shell upload via extension blacklist bypass

XSS (Cross-Site Scripting) [Skills Assessment] Hack The Box Writeup

Attacking web applications with ffuf [Skill Assessment] Hack the Box Writeup

Information Gathering Web Edition [Skill Assessment] Hack the Box Writeup

Broken Authentication [Skill Assessment] Hack The Box Writeup

JavaScript Deobfuscation Skill Assessment - Hack the Box Writeup

WordPress Hacking [Skill Assessment] - Hack The Box Writeup

HackTheBox Writeup - [Using Web Proxies] Skill Assesment