My Blog

Home

Filter by Tag:

All

Automation

AWS

CTF

DevOps

Discord

Fail2ban

Linux

Memory

Next.js

Nginx

Phishing

picoCTF

Python

Security

Shell

SSTI

TryHackMe

UFW

Web Development

Web Security

Web Server

picoCTF: SSTI2 — Writeup

June 5, 2025 • I made a cool website where you can announce whatever you want! I read about input sanitization, so now I remove any kind of characters that could be a problem :)

picoCTF

CTF

SSTI

Web Security

Python

picoCTF: head-dump — Writeup

June 4, 2025 • Using API documentation to find a heap dump endpoint and extract a flag from server memory.

picoCTF

CTF

Memory

Web Security

picoCTF: SSTI1 — Writeup

June 3, 2025 • Exploiting Server-Side Template Injection in a picoCTF challenge. Details on how Jinja2 templating was used for code execution.

picoCTF

CTF

SSTI

Web Security

Python

TryHackMe: A Bucket of Phish — Writeup

May 30, 2025 • Analyzing a Cmail phishing site on S3, retrieving victim list.

TryHackMe

CTF

AWS

Security

Phishing