Blog

Nowadays, it is relatively common to find a stripped-down docker container. While great to save precious bytes on hard drives, this might complicate things when you quickly need to debug something. This post explains how you can quickly install dig or nslookup within your container on different distros.

In this post I show how you can use router api to detect active link in Next.js

In this post, I'll go over Cap from Hack the Box. An easy level Linux machine where the name is nice hint. An IDOR gives access to a PCAP with unencrypted traffic and misconfigured capabilites allow getting a shell as root.

Being able to experiment with vulnerabilities is crucial to gain a deeper understanding of them. In this post, we'll look at creating an environment with a vulnerable version of the OMI agent.

In this post, I'll go over Knife from Hack the Box. It's an easy level Linux machine that shows what damage a supply chain attack on the PHP codebase could have caused if it would have slipped through the cracks and got released into the wild.

In this post, I'll walk you through Love, an easy-level Windows machine on Hack the Box.

In this post, I'll walk you through Laboratory, an easy-level Linux machine on Hack the Box. It has a GitLab CVE vulnerability for the user and uses path file checking on a setuid binary for the root flag.

In this post I walk you through how I solved Luanne from Hack the Box. This is an easy difficulty NetBSD box, focussing on fuzzing and code injection via Lua.

Ever wondered if it would be possible to monitor what is getting typed at other shells running on a Linux system. Well I have and in this post, I walk you through creating an eBPF program to monitor every command typed on a bash or zsh prompt.