Ffuf

An easy HTB box with enough Joomla, virtual hosts, and reverse shell magic to get you sweating (literally). This walkthrough dives into the quirks of Joomla, web fuzzing, API poking, and template-based RCE. Bring water.

A practical deep dive into SQL Injection in DVWA — from simple payloads to reading and writing files, fuzzing with ffuf, and scripting attacks in Burp Suite.