My Android Pentesting Setup

Date: 31/05/2024

Initialize waydroid and allow it to download the latest Lineage OS SDK + GAPPS (Google services)...

Wizer CTF 2024 All Challenges

Date: 08/02/2024

Last week I was able to participate at a wonderful CTF organized over at Wizer. This CTF consisted of 6 web challenges in varying difficulty where participants were challenged to a Blitz speed-hacking competition of who can solve the most in 6 hours very generous prizes for the top 3....

protected

HackTheBox - Challenges Prying Eyes

Date: 10/12/2023

This post is password protected, description is not available

protected

HackTheBox - Challenges No-Threshold

Date: 09/12/2023

This post is password protected, description is not available

HackTheBox - Challenges WS-Todo

Date: 30/11/2023

The functionality is very simple, you can either get or add todos...

HackTheBox - Challenges Saturn

Date: 03/11/2023

I very simple flask app is all this challenge is. We can immidieitly spot a kind of SSRF as a service vulnerability. And the flag is retrieved by /secret if the request is coming from localhost. Ok then what prevents us from using the ssrf to request /secret, get the flag and get done with it?...

HackTheBox - Challenges Breaking Grad

Date: 01/11/2023

A file that particularly stands out is...

protected

HackTheBox - Challenges ApacheBlaze

Date: 01/11/2023

This post is password protected, description is not available

HackTheBox - Machines Soccer

Date: 15/08/2023

login using default credentials: admin: admin@123 from https://github.com/prasathmani/tinyfilemanager upload simple php reverse shell and get shell as www-data...

protected

HackTheBox - Challenges EasterBunny

Date: 07/08/2023

This post is password protected, description is not available

CCSC 2023 Secret Prompt

Date: 21/07/2023

We believe the machines came up with their own mechanism to keep humans out. Deceive the machines. Make them believe you are one of them and retrieve...

CCSC 2023 Shellhunting

Date: 21/07/2023

One of the generals of the AI-sponsored government left his house unlocked while he was going to the beach. Ava spotted the powered on computer, and managed to intercept the traffic from an unknown application....

CCSC 2023 Forgotten Classes

Date: 16/07/2023

This is an old API for a classroom application that is no longer used due to the AI takeover. Inside information states the API is still available and is connected to the AIs internal infrastructure. Can you can hack it and read any hidden secrets on the root / path of the server?...

CCSC 2022

Date: 17/05/2022

CCSC (Cyprus Cyber Security Challenge) is a yearly competition, where hackers from all around Cyprus, compete in a 15-day time period. The top 10 players (5 seniors(21-25) and 5 juniors(14-20)) would qualify to represent Cyprus at the ECSC (European Cyber Security Challenge) in Austria...