This is my personal site centered around InfoSec - I post research, projects and CTF writeups whenever I get the chance :) .


An easy Linux box from HackTheBox, get run around rabbit holes until finally discover a subdomain with a LFI, grab a SSH key and use that for initial access, then exploit a vulnerable configuration of fail2ban for root.

Read more →


A medium Windows box from HackTheBox, get initial access by resetting the password of another user on a site with CSRF, then get creds by logging in as them that allow you to get a reverse shell and escalate to administrator by finding creds in an instance of bash for windows.

Read more →