August 2025

6 posts from this period

🧠Educationalintermediate· 6 min read

Writeup: Bypassing Broken Access Controls in a Legacy Web App

Technical writeup of identifying and exploiting broken access control vulnerabilities in a legacy web application during a penetration test.

access controlweb securitypenetration testingOWASP

August 28, 2025Read →

🧠Educationaladvanced· 6 min read

Exploring how AI and LLMs are being used in offensive security operations, from reconnaissance to payload development.

AIoffensive securityautomationLLM+1

August 25, 2025Read →

🧠Educationalintermediate· 6 min read

Master Burp Suite with techniques used by professional bug bounty hunters: from basic interception to advanced automation.

Burp Suiteweb securitybug bountytools

August 20, 2025Read →

🧠Educationalintermediate· 7 min read

Create targeted wordlists for password attacks and content discovery using CeWL, Crunch, and other techniques.

wordlistspassword crackingCeWLCrunch+1

August 15, 2025Read →

🧠Educationaladvanced· 7 min read

Learn exploit development fundamentals by creating a simple buffer overflow exploit in Python, step by step.

exploit developmentPythonbuffer overflowsecurity research

August 5, 2025Read →

🧠Educationaladvanced· 6 min read

Understanding DNS rebinding attacks: how they work, why they're dangerous, and how to demonstrate them in a lab environment.

DNSweb securitySSRFattack techniques

August 1, 2025Read →