[>_] Home [>_] Services [>_] Skills [>_] Certifications [>_] Experience [>_] Education [>_] Volunteering [>_] Projects [>_] Publications [>_] Writeups [>_] Contact
CVE-2026
Linux
Advanced
CVE-2026-31431 Kernel Exploit Linux Privesc

CVE-2026-31431 – Copy Fail: The Linux bug that gives you root

A deep-dive into a kernel-level copy_from_user() race condition allowing unprivileged local attackers to escalate to root. …

May 2, 2026 · 12–15 min read
CAPen
Mock Exam
Intermediate
CAPen CTF IDOR

CAPen Mock Exam Writeup – How I Passed the Certified AppSec Pentester

Full walkthrough covering IDOR chains, AWS S3 misconfigurations, and JWT forgery. Tips for CAPen prep.

Apr 18, 2026 · 8–10 min read
TryHackMe
Red Teaming
Advanced
Active Directory Kerberoasting Pivoting

TryHackMe – Holo Network: Full Red Team Engagement Writeup

End-to-end red team engagement — recon, web shell upload, internal pivoting, and Active Directory compromise via …

Mar 30, 2026 · 18–22 min read
HTB
Fortress
Intermediate
API Security BOLA Command Injection

HackTheBox – Fortress: Chaining API Vulnerabilities to Admin RCE

Mass assignment + BOLA + command injection chain resulting in full server compromise.

Mar 12, 2026 · 10–12 min read
Bug
Bounty
Intermediate
AWS Bug Bounty P1 Critical

$3,000 SSRF Bug: Pivoting from a Public Endpoint to Internal AWS Metadata

How a blind SSRF in an image-processing endpoint exposed internal AWS IAM credentials via the metadata …

Feb 5, 2026 · 9–11 min read