Writeup for the "Titanic" machine on HackTheBox. It involves exploiting LFI to discover sensitive Gitea configuration and database files, cracking PBKDF2 hashes for SSH access, and escalating privileges via a shared library injection in ImageMagick (CVE-2024-41817).

Walkthrough of the "Jerry" machine on HackTheBox. It involves brute-forcing Tomcat Manager credentials, deploying a WAR reverse shell, and retrieving both user and root flags from a Windows system.

Writeup for the "Nibbles" machine on HackTheBox. It involves discovering a vulnerable Nibbleblog CMS, exploiting it via Metasploit for initial access, and escalating privileges by abusing a writable script with sudo rights.

My writeups for b01lers CTF 2025 - b01lers CTF is a CTF hosted by Purdue University's b01lers CTF team.

Detailed walkthrough of the hackdonalds challenge on Intigriti platform, covering initial enumeration, exploiting vulnerabilities, and obtaining user and root flags.

This blog will contain all the writeups for MetaCTF 2025