My Blog

June 5, 2025 • I made a cool website where you can announce whatever you want! I read about input sanitization, so now I remove any kind of characters that could be a problem :)

June 4, 2025 • Using API documentation to find a heap dump endpoint and extract a flag from server memory.

June 3, 2025 • Exploiting Server-Side Template Injection in a picoCTF challenge. Details on how Jinja2 templating was used for code execution.

May 30, 2025 • Analyzing a Cmail phishing site on S3, retrieving victim list.

May 28, 2025 • Setting up real-time server monitoring for SSH logins and Fail2ban bans using Discord webhooks and simple shell scripts.

May 16, 2025 • A detailed look at my web server security stack, including log analysis, intrusion prevention with fail2ban, firewall configuration, and SSH hardening.

May 11, 2025 • This is the full stack I use to run my personal website, detailing hosting, deployment, and frontend choices.