Guide on installing Kali Linux in GNOME Boxes, setting up a shared folder for easy file transfers, and best practices to keep the system clean and stable for CTFs and labs.

Gained initial access by exploiting an insecure file upload with extension bypass. Used weak credentials to move laterally to another user account, then escalated privileges by abusing insecure sud...

Exploiting CVE-2019-7214 in SmarterMail 16.x via an unauthenticated deserialization vulnerability on port 17001 leading to RCE.

Exploiting command injection vulnerability in Exhibitor WebUI for initial foothold and privilege escalate with an unknown SUID binary to gain root.

Passed the OSCP on my first attempt with 80 points – sharing my full journey, lessons learned, and practical tips.

Exploiting MS09-050 (CVE-2009-3103) on port 5357 using Metasploit to achieve remote code execution via a crafted SMBv2 request to gain NT AUTHORITY\SYSTEM.

Discovers SNMP is running, exploiting CVE-2007-4560 in ClamAV's clamav-milter to achieve unauthenticated remote code execution as root