“I write so others can skip the parts I had to figure out the hard way.”
Recent Posts
Reactor HTB – Machine Walkthrough
Hi everyone, in this Reactor HTB Machine, I will give u a detailed walkthrough to get the user and root flag in this machine, so sit back and read! 🔒...
Content Discovery – TryHackMe Walkthrough
Content discovery is about finding things on a web server that aren't meant to be publicly visible - hidden directories, sensitive files, old endpoints, subdomains, and misconfigured paths. This TryHackMe...
How I’d Learn Ethical Hacking in 2026 If I Started Over
Let me be straight with you. Most "ethical hacking roadmaps" online are either too vague, outdated, or written by someone who hasn't actually done the work. I've been there, I...
KoBold HTB – Machine Walkthrough
Hi everyone, in this Kobold HTB Machine, I will give u a detailed walkthrough to get the user and root flag in this machine, so sit back and read! Reconnaissance...
Why Most Cybersecurity Certifications Are a Waste of Time (And Which Ones Aren’t)
Let me be real with you. I have seen a lot of people in this field: beginners, students, even some experienced folks, chasing certifications like they are some kind of...
Will AI Replace Pentesters? A Pentester’s Honest Take
Hi guys! and future hackers! Will AI replace pentesters? As a Jr. Penetration Tester, I want to give you my honest take so you can better understand where things actually...
HTB vs TryHackMe vs PortSwigger — Which Platform Actually Builds Skills?
Everyone asks this question when they're starting out. And most answers you'll find online are vague: "all three are great, use them together!" That's not helpful. Let me give you...
Facts HTB – Machine Walkthrough
Hi everyone, in this Facts HTB Machine, I will give u a detailed walkthrough to get the user and root flag in this machine, so sit back and read! This...
Secure Notes – HTB Writeup | Web Challenge
Hi everyone! In this write-up, we'll solve the HackTheBox web challenge Secure Notes. It's a classic prototype pollution challenge combined with a tricky localhost bypass on the /flag endpoint. I...
How CTFs Improve Real-World Hacking Skills
A few weeks ago, I wrote a post called CTFs vs Real-World Pentesting: What Beginners Must Know. In it, I said CTFs and real pentesting are not the same. Many...