local-file-inclusion
Introduction to File Inclusion
An in-depth and hands-on walkthrough on spotting and exploiting Local File Inclusion (LFI); from classic payloads to modern bypasses, straight from HTB Academy labs.
Penetration Testing
In-depth guides and articles on ethical hacking and vulnerability assessment.
webshell
From Basic to Blessed: Uplifting Your Webshell Game
From basic payloads to protected and self-destructing shells; a hands-on journey upgrading your webshells for stealth, power, and style.
sql-injection
SQLi Hands-On: Injecting Chaos
A practical deep dive into SQL Injection in DVWA; from simple payloads to reading and writing files, fuzzing with ffuf, and scripting attacks in Burp Suite.
privilege-escalation
How to Proceed after the User Flag: My Beginner’s Priv Esc Flow
Getting user.txt is just the beginning. Here’s how I hunt for privilege escalation paths on Linux boxes; what I check, how I think, and why it still stumps me sometimes.
htb
My UnderPass Runthrough - Learnings
Cracked the UnderPass HTB box by skipping dead ends, abusing SNMP leaks, and turning mosh-server into a root shell with zero password; here is how.
shell
An Introduction to Shells: Essentials Knowledge
Understand what shells really are, how they evolved, why they matter, and how different types like reverse shells and webshells work.
university
Pentesting 101 – Command Injection & Shell Tricks (Session 1 – Part 2)
After exploring XSS in Part 1, we now dive into server-side command injection, shell behavior, piping, and classic reverse shell tactics.
university-class
Basic Introduction to Penetration Testing – some basics & reflected XSS (Session 1 - Part 1)
Lab setup with Kali and Metasploitable 2, safe networking configuration, and a proper starting point for reflected XSS.