HTB Writeup – Gavel
Posted on 2025-11-30
SQL injection abusing PDO substitution in PHP Prepared Statement
linux
Protected: HTB Writeup – Fries
Posted on 2025-11-24
There is no excerpt because this is a protected post.
HTB Writeup – Conversor
Posted on 2025-10-26
Transform XSLT to HTML with extensions → special XML “SSTI”
HTB Writeup – Expressway
Posted on 2025-09-21
Exploit IKE IPSec via UDP discovery & the SUDO binex privesc
HTB Writeup – HackNet
Posted on 2025-09-15
Python SSTI and Django Cache poisoning with Pickle Deserialization
HTB Writeup – Soulmate
Posted on 2025-09-07
CrushFTP auth bypass (CVE-2025-31161) and Erlang shell manipulation
HTB Writeup – Previous
Posted on 2025-08-25
Next.js auth bypass (CVE-2025-29927) & Hashicorp Terraform abusing