Writeups

Detailed technical analysis of vulnerabilities discovered during bug bounties, CTFs, and personal research.

Filter by Platform:

Hack The Box

1 post

December 5, 2025

adprivilege-escalationred-teaming

A walkthrough of a common but deadly attack path in Active Directory starting with AS-REP roasting and ending in complete domain compromise.

2 posts

November 20, 2025

apibroken-access-controlauth-bypass

How a missing authorization check on a critical API endpoint allowed full account takeover.

October 15, 2025

xssbugbountywebsec

A detailed walkthrough on discovering a Reflected Cross-Site Scripting (XSS) vulnerability that bypassed an initial WAF filter using clever encoding.

1 post

October 15, 2025

xssbugbountywebsec

A detailed walkthrough on discovering a Reflected Cross-Site Scripting (XSS) vulnerability that bypassed an initial WAF filter using clever encoding.

1 post

October 15, 2025

xssbugbountywebsec

A detailed walkthrough on discovering a Reflected Cross-Site Scripting (XSS) vulnerability that bypassed an initial WAF filter using clever encoding.