I'm a pharmacist by day, but cybersecurity is my real calling. In my free time, I love to hunt for vulnerabilities, compete in CTFs, and focus on web exploitation.
On this blog, I share my write-ups, insights, and everything else I learn along the way. Stick around if you share the same passion!
Want to test your skills? Each post features a link to deploy the associated challenge on my Instancer. Just click, let the environment spin up, and have fun hacking!
ETag reuse and Firefox’s 304 caching flaw enable a CSP sandbox bypass...
NGINX reverse proxy cache deception, normalization bypass, and mass assignment...
This is the first writeup I wrote back in 2022, just after the RomHack CTF....