owasp
Some Welcome Changes: Dissecting the OWASP Top 10 2025
See the complete breakdown of the new OWASP Top 10 list. Why Supply Chain (A03) and Misconfiguration (A02) displaced Injection, and how the new A10 (Exceptional Conditions) category defines modern AppSec risks in Cloud and AI environments. See the Migration Cheat Sheet for Builders and Pentesters.
ctf
Securing Silver: My 2nd Place Win at CYBERSECURITY CONFERENCE 2025 CTF in Mannheim
My first comprehensive CTF experience at the CYBERSECURITY CONFERENCE 2025 in Mannheim, where my colleague and I secured 2nd place! We dive into the learning, the race, and essential tips on how to truly prepare (and thrive) in a 24-hour CTF challenge.
exam-prep
Test Exam: Penetration Testing Playbook 01
My personal playbook for my penetration testing test exam, covering all key steps from access via port forwarding to grabbing ALL 8 flags.
htb
Popping Devvortex - Joomla Tricks, Template Shells & Summer Brain Fog
An easy HTB box with enough Joomla, virtual hosts, and reverse shell magic to get you sweating (literally). This walkthrough dives into the quirks of Joomla, web fuzzing, API poking, and template-based RCE. Bring water.
