HackTheBox: Academy write-up

Encrypted post!

HackTheBox: Bucket write-up

Encrypted post!

Subdomain Takeover in Azure: making a PoC

Most (if not all) bug bounty hunters know what a subdomain takeover is and what its impact is, but do you know how to actually take over the domain and make a working proof of concept?

HackTheBox: Passage write-up

Encrypted post!

HackTheBox: SneakyMailer write-up

Bits of automation with Python packages! Really cool box to learn different techniques, like trying to use an SMTP server to send emails using gathered data. Recommend it 100%

HackTheBox: Fuse write-up

Windows box and enumeration! Fuse combines a thorough exploration of different services to gather information and then use a password spraying attack to get a foothold into the system, after that a permissions misconfig allows us to get admin!

HackTheBox: Blunder write-up

Do you like finding rabbit holes? If so, this machine is for you. And don’t forget that googling for exploits is crucial!

HackTheBox: Cache write-up

Machine with different virtual hosts, one of them with a vulnerable openEMR instance. From there docker and Memcached are the way to root

HackerOne h1-2006 CTF write-up

Here is my write-up of how I solved HackerOne h1-2006 CTF, definitely learned a lot of new things!

HackTheBox: Admirer write-up

Did you know about SETENV? What about using PYTHONPATH? Recon never ends, credentials are never enough, especially in Admirer!