Security notes from the field.
Penetration testing, CTF write-ups, OSINT, and offensive security — Welcome to my Cyber Security Blog!
Write-ups & Notes
How to create an NVD Scraper within your Obsidian-Vault
Alright, before delving into this write-up it is important to mention a few requirements for this setup. Basic Python knowledge is expected, and that it is already installed on…
Bonjour service on Windows 11
This module is blocked from loading into the Local Security Authority. If you are on Windows 11, you might have seen this pop-up window, wondering what you did wrong or…
Containers – {THM-Advent of Cyber 2025}
Learn about container security. What Are Containers? To understand what a container is, we first need to understand the problem it fixes. Put plainly, modern applications can be quite complex:…
How cookies work in Web Applications
Everyone loves cookies, right? Well, I am talking about different types of cookies, and I hope you gain some knowledge from my post. Let’s dive into it. Cookies play a…
Web Application Security Best Practices
Web Application Security is an important topic in 2025 because every modern business relies on web applications to manage operations, deliver services online, or engage customers. Understanding Common Web Apps…
What is the Credential Manager?
Do you know where Windows stores your passwords and login details that you save when using this operating system? For example, when you access a network share, you type a…
Web Application Penetration Testing
A comprehensive Web Application Testing Guide. This blog post provides a thorough guide to web application penetration testing. Whether you are a security researcher, bug bounty hunter, or a pentester,…
Threat Hunting & Incident Response
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a comprehensive framework that provides a structured and organized approach to analyzing and understanding the tactics and techniques of…
Digital Signature Using SHA-256 with RSA Encryption.
Digital signatures are crucial in cryptography to ensure secure communication and data integrity. But how exactly do they work? A digital signature, implemented using SHA-256 with RSA encryption, is a…
CyberChef is a must-have security tool.
If you’re seriously involved in cybersecurity or digital forensics, you’ve likely encountered a variety of appropriate tools designed to address common challenges within these fields. These tools are essential for…
SSRF with filter bypass via open redirection vulnerability
Server-side request forgery allows an attacker to bypass network access control and make requests to servers located on the private network that are not reachable from the Internet. These techniques…
SQL Injection
How to detect and exploit SQL Injection vulnerabilities. Structured Query Language (SQL) Injection, or SQLi, is a web security vulnerability that allows an attacker to interfere with queries an application…