September 12, 2021

HTB - Backdoor

Backdoor is a HTB machine that is rated to be of easy difficulty. However, I think that this machine is defintely an interesting machine that taught me about vulnerabilities surrounding the use of GDBServer.

September 01, 2021

My take on HTTP Request Smuggling

During one of my research sessions over the last couple of days, I’ve come across a new vulnerability - HTTP Request Smuggling. However, I realized that this class of vulnerability is often overlooked and thus, I’ve decided to write an article about it.

August 29, 2021

HTB - cache

Cache is a medium difficulty box but it includes numerous techniques such as docker privilege escalation, VHOST enumeration and memcached exploit.

August 20, 2021

My take on Prototype pollution

With the recent release of a new prototype pollution scanner on Github, I’ve been seeing more and more issues related XSS caused by prototype pollution and guessed its time I write an article about it.

August 15, 2021

HTB - Shocker

I’ve just completed CAP from HTB! In my opinion, Shocker is a relatively simple machine to do and the name literally suggests what exploit it is all about:) In this writeup, I will share more about how I went about tackling this box.