Blog

“The sky above the port was the color of television, tuned to a dead channel.”

Methodology posts, HackTheBox writeups, tooling notes, and opinionated pieces.

HTB: Previous

2025-08-26MediumLinux3 min read

Next.js middleware authentication bypass (CVE-2025-29927), LFI for credential extraction, and Terraform provider override for root.

[Read More →]

Web Application Security Checklist for Penetration Testers

2025-07-233 min read

#web-security #checklist #penetration-testing #owasp

A systematic checklist covering every phase of a web application security assessment — from recon and auth testing to business logic flaws and reporting.

[Read More →]