amrmoadel.hashnode.devCyclic Scanner - Android Service Exploitation WalkthroughOverview The lab description makes one thing very clear: this challenge is about exploiting an Android Service to achieve RCE. There is no confusion about the goal, and there is no need to explain wha5d ago·6 min read
amrmoadel.hashnode.devIOT Connect - Broadcast Receiver ExploitationOverview This writeup documents the exploitation of a vulnerable Broadcast Receiver in the IOT Connect Android application. The flaw allows an unauthenticated user to activate the master switch, turni5d ago·5 min read
amrmoadel.hashnode.devAI Security: Prompt Injection on Gradio chatbot - Prompt ninja (CTF Challenge)Challenge Details Category: AI SecurityLevel: Easy (50 Points)Target IP: Machine_IP:7860 Challenge Description Hello Player! Introducing you to Kitsune! your AI powered Swordmaster who is highly skilled with thousands of years of studying, craftin...Sep 23, 2025·4 min read
amrmoadel.hashnode.devAI Security: Second-Order Prompt Injection on DocuBot (CTF Challenge)Challenge Name: Docubot Category: AI Security Level: Medium (100 Points) Link: Docubot | CyberTalents Challenge Description The challenge revolves around DocuBot, an AI-powered document summarizer accessible via a web interface. Users can upload PDF ...Sep 22, 2025·3 min read
amrmoadel.hashnode.devNatas Walkthrough | OverTheWireIntroduction What is Natas? Natas teaches the fundamentals of server-side web security. Each level in Natas is hosted on a unique website, accessible at http://natasX.natas.labs.overthewire.org (where X is the level number). There is no SSH login inv...Jun 12, 2025·56 min read
