Writing
Notes and writeups on offensive security, tooling, and things I break.
- 5 min read
How I Recon a Target, Part Two: Now We Poke It
The map is drawn — time to find the parameters and start the injection party. XSS, SQLi, SSRF, file inclusion, open redirects, and the tools I reach for.
- 7 min read
How I Recon a Target, Part One: Drawing the Map
The unglamorous half of hacking — finding every door, window, and forgotten side entrance before I try to break in. Plus all the tools I actually run.
- 5 min read
Chasing a Session Bug That Turned Into Two Findings
A logout that didn't really log out — and the authorization flaw I only found because I kept pulling on the thread.
- 6 min read
Is Your API Secure? Top 5 Vulnerabilities Developers Miss
Explore critical API security risks from OWASP Top 10 and learn how to protect your systems.
- 6 min read
Setting Up a Honeypot with Cowrie
Learn how to set up a honeypot to capture and analyze attack data using Cowrie.