Today marks the start of a new series to help bridge the gap between development and security. I’ll cover web security vulnerabilities for developers, starting with the critical issue of
On June 9th, 2020, I received one of the worst notifications of my life: a $1,000 transaction had been made from my PayPal account to my ex’s account. I was
On Feb 3rd, I was honored to have received the PNPT. It took several months of hard work to obtain the certification and I’m very proud. In this post, I’ll
Executive Summary: Active is an easy-level Windows machine. In this black-box engagement, we start by enumerating an SMB share we are able to access via anonymous login where we obtain
Executive Summary: In this engagement, we accessed a network with three machines. Starting by exploiting a known vulnerability in a public-facing web server, we obtained a reverse shell. Using pivoting,
Executive Summary: Sau is an easy-level Linux machine exploiting web vulnerabilities like command injection and SSRF. Leveraging CVE-2023-27163 in the public-facing web server enables an SSRF attack, manipulating an HTTP
Executive Summary: Broker is an easy-level Linux machine that utilizes CVE-2023-46604, a Java deserialization vulnerability leading to remote code execution against Linux systems running Apache ActiveMQ. By utilizing a Golang
Today marks exactly three months since I landed my first cybersecurity role after being in software development for over 4 years. I wanted to share my journey and go into
So far I’ve learned a bit about the different types Python possesses and how to print Hello World. Today, however, I’ve learned more about Python’s best practices as well as
What Led Me To Choose Python As My 2nd Language and why blog? Frankly, I needed a break from front-end development with JavaScript and wanted to dive deep into a
Introducing the Break Git Down Series! Break Git Down is a super beginner-friendly series to help newer developers learn a few of the most important Git tasks that you will
Web application security is a critical component of any online platform, yet many developers and organizations struggle to identify and address common vulnerabilities. In this tutorial, we’ll explore the OWASP
I’ve always wanted to sit down and write down my whole journey of how I transitioned into tech and landed a web developer role without a college degree or bootcamp