Writeups for a few web challenges that I solved from RITSEC CTF 2025 — Cosmic Pathways, Upload Issues, and Upload Issues 2.

Solutions for Fortune Crumbs (Web), Quote (Web), Treasure Hunt (Pwn), and Readme (Pwn). Fortune Crumbs is a blind SQL injection challenge to steal the admin's password. Quote is an SQL injection ch...

Played Apoorvctf 2025 over the weekend. Here are the writeups for SEO CEO (Web), Blog 1 (Web), Ghosted on the 14th (Misc), Nobita's Network Nightmare (Network), and Subramaniyudan Kadhaipoma (AI).

Cicada is a very easy active directory box that involves common AD enumeration to discover hardcoded credentials, which can be used to pivot to other users with more privileges. Eventually, we'll p...

Write-ups for all the fullpwn challenges from HTB University CTF 2024.

Write-ups for web challenges from CYBERGON CTF 2024.

2024 edition of Hack The Boo from HTB to celebrate Cybersecurity Month and Halloween. I solved a few challenges ( ‾́ ◡ ‾́ )

Mailing is an easy difficulty machine from HackTheBox that features an email server running on hMailServer. There is a path traversal on its web application, where I'll enumerate for the hMailServe...

Freelancer is a hard difficulty lab from HackTheBox which features a web application and Windows Active Directory. The web application has broken access control which allowed us to login as the adm...

3108 CTF is a Malaysian CTF organized by Bahtera Siber, themed around National Day. This is my first time joining the event, and I got to solve a few challenges. 🇲🇾🇲🇾🇲🇾