HTB Writeup – Conversor

Posted on 2025-10-26

Transform XSLT to HTML with extensions → special XML “SSTI”

Protected: HTB Writeup – Hercules

Posted on 2025-10-21

There is no excerpt because this is a protected post.

Posted on 2025-10-13

Ticket Forgery & Token Abuse with a service account in Win AD

Posted on 2025-10-05

From bi-directional MSSQL linked servers in to CVE-2024-30088 LPE

Posted on 2025-09-29

XSS pivot to pyAescrypt brute forcing

Posted on 2025-09-21

Exploit IKE IPSec via UDP discovery & the SUDO binex privesc

Posted on 2025-09-15

Python SSTI and Django Cache poisoning with Pickle Deserialization

Posted on 2025-09-07

CrushFTP auth bypass (CVE-2025-31161) and Erlang shell manipulation

Posted on 2025-09-01

Classic XSS pivot & module/config/library hijacking

Posted on 2025-08-25

Next.js auth bypass (CVE-2025-29927) & Hashicorp Terraform abusing