Featured

• Python Deserialization Attacks Explained: How Hackers Exploit Pickle (and How to Defend)

  Posted on Aug 9, 2025 6 mins

  Learn how Python deserialization attacks work, see a real Pickle exploit in action, and discover best practices to secure your code against remote code execution vulnerabilities.
  

• Breaking in before the VPN broke down - A Journey through Precious (HTB Writeup)

  Posted on Aug 6, 2025 9 mins

  A full walkthrough of the Hack The Box machine “Precious” — from enumeration to exploitation, including a clever pdfkit command injection and Ruby YAML deserialization for root. With shell stabilisation and some VPN drama on the side.
  

• HTB Reset: From Log Poisoning to Root. Exploiting Tmux, Rexec and Misconfigured Sudo

  Posted on Aug 4, 2025 9 mins

  A deep-dive into escalating from LFI to full root via log poisoning, named pipe reverse shell, misconfigured sudo permissions, and forgotten tmux sessions. Includes analysis of R-services (rexec, rlogin, rsh) and real-world command chaining.
  

• What I Learned from Bandit Wargames - Level 0-12 (And Why You Should Try It)

  Posted on Jul 28, 2025 9 mins

  Learn practical Linux skills and command-line thinking through the first 12 levels of OverTheWire’s Bandit wargame. This post shares lessons, strategies, and powerful command-line tools (find, grep, awk, base64, tr, and more) without spoiling solutions; perfect for aspiring ethical hackers, CTF players, and curious beginners.
  

• An Intro to Regex: The Hacker’s Guide to Pattern Matching

  Posted on Jul 28, 2025 7 mins

  A hands-on, security-minded introduction to regular expressions - from simple matches to character classes, quantifiers, and real-world examples. Learn to wield regex like a precision tool for parsing, filtering, and hacking.