Writing

Thoughts on development, security, CTF and everything in between.

Password Manager with Zero-Knowledge Architecture
Jan 28, 2026

Password Manager with Zero-Knowledge Architecture

Secure Vault is a web-based Password Manager Application, Encryption and decryption happen completely client-side. The server stores an encrypted data which is unlocked by the user's password (derived key) on the client.

RustTypeScriptVueNuxtPostgresqlRedis
TryHackMe: Ollie
Nov 4, 2025

TryHackMe: Ollie

Begin with strange port and gain credentials from it, then using the creds to logs in on the web, after that chaining multiple vulnerability to gain reverse shell

MediumSQL InjectionRemote Code Execution
TryHackMe: Olympus
Oct 24, 2025

TryHackMe: Olympus

Begin with SQL Injection then found another domain and gain reverse shell from webshell, after that looking for suid for privilege escalation and found interesting file with Zeus's group in it.

MediumSQL InjectionArbitrary File UploadPivoting
TryHackMe: Brute
Oct 17, 2025

TryHackMe: Brute

Bruteforcing mysql creds then use it logs in on the web after that use log poisoning to gain shell the escalate privilege to another user and root

MediumBrute ForceLog Poisoning
TryHackMe: VulnNet: Endgame
Oct 17, 2025

TryHackMe: VulnNet: Endgame

Begin with given static web then enumerate subdomains and found another, gain admin CMS credentials using sqlmap then upload reverse shell to CMS and gain shell after that decrypting .mozilla folder to gain another user shell

MediumSQL InjectionLinux Capabilites

© 2026