// offensive security
Offensive Security Practitioner
Structured offensive analysis and exploit breakdowns.
Documenting the methodology behind the compromise.
.bak source disclosure leaks admin credentials. OTP bypassed via mass-assignment. Client-side-only filter leaves feed importer open to backtick command injection.
Read writeup →Exposed mail log leaks internal email hinting at config.php. SSRF via file:// reads credentials. Authenticated dashboard has raw SQLi — dumped with sqlmap for full admin access.
Read writeup →Shadow Credentials against an MSA, DLL hijack via scheduled task, ESC17 ADCS abuse and WSUS MitM for SYSTEM on a Windows Server 2019 DC.
Read writeup →JAR analysis, CVE-2022-46364 SSRF→LFI for credential extraction, Hoverfly command injection RCE, and writable bash binary replacement for root.
Read writeup →Input validation analysis on a conversion utility. Exploitation via crafted payloads to achieve unintended code paths and flag extraction.
Read writeup →REST API enumeration through fuzzing, authentication bypass, and local file inclusion chain leading to remote code execution.
Read writeup →No results found for that query.
In-depth analysis of a chained exploit path across two CVEs. Vulnerability interaction, root cause breakdown, and weaponization logic.
Read analysis →