Technical Writeups

A comprehensive guide to x86 CPU architecture fundamentals essential for malware reverse engineering. Learn about registers, memory layout, and stack operations that form the foundation of system exploitation.

A comprehensive guide to understanding obfuscation techniques for malware evasion, from basic concatenation to advanced control flow manipulation. Learn how attackers hide their code and how defenders can spot these techniques.

A comprehensive walkthrough of TryHackMe's Cyber Kill Chain room, exploring each phase of cyber attacks from reconnaissance to actions on objectives, plus a real-world analysis of the Target data breach.

A hands-on walkthrough of TryHackMe's cURL exploitation room - learning HTTP requests, POST data, cookies, sessions, and brute force attacks from the command line.

A comprehensive look at CVE-2025-68613 in n8n - how expression injection can lead to remote code execution and what you can do to protect yourself.

Web exploitation challenge targeting a malicious e-commerce platform with cookie manipulation and privilege escalation vulnerabilities.

A beginner-friendly cryptography challenge involving multi-step encoding conversion using CyberChef to decode binary data into the final flag.

Network forensics challenge analyzing FTP traffic to identify compromised credentials during a Krampus Syndicate intrusion attempt.

Advanced DNS reconnaissance challenge involving SPF and DKIM record analysis to uncover hidden infrastructure used by the Krampus Syndicate.

Reverse engineering challenge involving static analysis of a stripped ELF binary with anti-debugging measures and XOR-based authentication.

A friendly walkthrough of Django CVE-2025-64459 - understanding and exploiting ORM query parameter injection vulnerabilities in web applications.

Comprehensive writeups for the cryptography challenges from NahamCon Winter CTF 2025, featuring Linear Lines affine cipher analysis and practical solving techniques.

Detailed writeups for mobile security challenges from NahamCon Winter CTF 2025, covering Android APK reverse engineering, vulnerability analysis, and exploitation techniques.

Systematic reverse engineering approach for unprotected ELF binaries using static analysis techniques and Ghidra decompilation

A comprehensive blue team investigation walkthrough of the TryHackMe Web Attack Forensics room, analyzing malicious web activity and command injection attacks using Splunk.

A comprehensive walkthrough of the TryHackMe Passwords room, exploring password-based encryption attacks and defensive strategies during the holiday season.