// offensive security

Maks Huseynli

Offensive Security Practitioner

Structured offensive analysis and exploit breakdowns.
Documenting the methodology behind the compromise.

View case studies

03

Writeups

Web

Primary Focus

OSCP

In Progress

01

Case Studies

Web Linux Medium

DevArea — Hack The Box

JAR analysis, CVE-2022-46364 SSRF→LFI for credential extraction, Hoverfly command injection RCE, and writable bash binary replacement for root.

Read writeup →

Web Medium

Conversor — Hack The Box

Input validation analysis on a conversion utility. Exploitation via crafted payloads to achieve unintended code paths and flag extraction.

Read writeup →

Web Medium

Bookstore — TryHackMe

REST API enumeration through fuzzing, authentication bypass, and local file inclusion chain leading to remote code execution.

Read writeup →

No results found for that query.

02

Security research

Exploit Analysis Advanced

Exploit-Chain-CVE-2025-6018-6019

In-depth analysis of a chained exploit path across two CVEs. Vulnerability interaction, root cause breakdown, and weaponization logic.

Read analysis →