A 10/10: CVE-2025-55182 haunting React and Next.js
React2Shell seems to be the Log4Shell of the JavaScript world. We break down the unsafe deserialization in React's Flight protocol, why APT groups like Earth Lamia tried to exploit it instantly, and why your audit checklist needs to check for architectural integrity. Patch immediately!
Breaking in before the VPN broke down - A Journey through Precious (HTB Writeup)
A full walkthrough of the Hack The Box machine "Precious", from enumeration to exploitation, including a clever pdfkit command injection and Ruby YAML deserialization for root. With shell stabilisation and some VPN drama on the side.
An Intro to Regex: The Hacker’s Guide to Pattern Matching
A hands-on, security-minded introduction to regular expressions - from simple matches to character classes, quantifiers, and real-world examples. Learn to wield regex like a precision tool for parsing, filtering, and hacking.
What I Learned from Bandit Wargames - Level 0-12 (And Why You Should Try It)
Learn practical Linux skills and command-line thinking through the first 12 levels of OverTheWire's Bandit wargame. Sharing lessons, strategies, and powerful command-line tools without spoiling solutions. Perfect for aspiring ethical hackers, CTF players, and curious beginners.
Why Clean Logs Matter in Forensics - And How to Get Them Right
In digital forensics, documentation is just as important as discovery. This guide introduces a CLI tool that helps forensic analysts create structured, signed, and legally sound logs - from the first command to the final report.
Data Engineering With Dagster – Part Four: Resources, DRY Pipelines, and ETL in Practice
A deeper look at how Dagster handles reusable components like API clients and cloud connectors through resources - with best practices and cookie metaphors baked in.