Hi I'm a security professional with expertise in infosec and devops. My main interest in security is offensive security (i.e red teaming, penetration testing, finding holes in systems, etc...)
Nothing here yet.
Apr 21, 2021 · 5 min read · Hello readers! Recently I was on this pentesting engagement and found this vulnerability that I wanted to share. 1. Organization that makes medical software Finding(s): JWT tokens stored in LocalStorage leading to compromise of user accounts via API...
Join discussionJan 14, 2021 · 43 min read · UPDATE: My writeup got Honorable Mention on SANS Kringlecon site! Hello readers! Over the holidays I participated in the SANS Holiday Hack Challenge for 2020. Here's the writeup: Objective 1 Mission Statement: Uncover Santa's Gift List There is a ...
Join discussion
Jan 14, 2021 · 14 min read · Hello! Here's a collection of my most interesting exploits and stories while doing pentesting as a security consultant. 1. Startup company in analytics # 1 Findings: Exposed internal application Default credentials used Open S3 Buckets Weak passwor...
Join discussionDec 17, 2020 · 10 min read · Hello readers! Here is my writeup for this box: Nmap scan root@kali:~/htb/Openkeys# nmap -sS -sV -Pn -n -T4 -sC -p- -O -oA nmap_ouput1 10.10.10.199 Starting Nmap 7.80SVN ( https://nmap.org ) at 2020-09-12 13:40 EDT Nmap scan report for 10.10.10.199 H...
Join discussion
Sep 7, 2020 · 18 min read · Hello readers! Here is my writeup for this box: Nmap scan root@kali:~/htb/remote# nmap -T4 -sV -p- -O 10.10.10.180 Starting Nmap 7.80SVN ( https://nmap.org ) at 2020-08-17 22:38 EDT Nmap scan report for 10.10.10.180 Host is up (0.039s latency). Not s...
Join discussion
