Cyber Blog​

Summary: A vulnerable web app generated JSON Web Tokens (JWT's) on the client side. The signing secret and client-side generation logic were discoverable in the client JavasScript, allowing me to forge a valid token with elevated privileges and access the admin ticket board. This post shows how the issue was identified, exploited, and how to fix it properly. Client-side JWT token attacks: In normal circumstances the JWT's are signed by the server so endpoints can verify the t

🧩 Attack Summary In this Sherlock Scenario , you step into the role of a SOC analyst investigating a suspected intrusion. By analyzing...

Checkout a server side Node JS Parameter Tampering Vulnerability and how we can fix it.

YouTube Video Writeup Engagement Flow Tools used Burpsuite WhatWeb OWASP ZAP Netcat Linpeas Tactics/Techniques CVE-2023-41425 - Wonder...

Learn how to install Splunk, import security logs, run SPL queries, and build dashboards. Perfect for cybersecurity beginners seeking hands-on skills.

Scenario 🛠️ Scenario Overview An attacker sends a phishing email to the victim, claiming it's an urgent Microsoft Office update. The...

| CVE-2025-29927 (auth bypass in Next.js) | SSRF to scan and find internal services | LFI to steal secrets | Redis injection for command execution

Scenario: FTP Data Exfiltration Investigation - A major incident occurred at Forela. 20 GB of data were stolen from internal s3 buckets.

This lab's live chat feature is vulnerable to cross-site WebSocket hijacking (CSWSH)

This lab's change email function is vulnerable to CSRF.

Engagement Flow Tools used Burpsuite EVTX Parser by omerbenamram WhatWeb Netcat SCP Ghidra Moonwalk Tactics/Techniques File upload abuse...

YouTube Index: Introduction What is Server-Side Parameter Pollution Understanding the Query String in an API Request Example Injecting...

High Level Details: Attacker 1: 40.80.148.42 Attacker 2: 23.22.63.114 CMS: Joomla Site: imnotreallybatman.com Site IP: 192.168.250.70...

This challenge demonstrates a classic prototype pollution vulnerability.

A Classic MD5 SQL Injection Bypass Attack.

Extract a plain text RSA key from HTTP, format it, save as .key, and import into Wireshark with the correct IP, PORT, and protocol for decr

Visual Workflow Summary Summary Identifying hidden functions generated dynamically was at the core of this challenge. While the giveFlag...

Follow along with my YouTube video for an interactive walkthrough. Visual Workflow summary The challenge starts with a provided PCAP file...

Note - You can view my video writeup below  📺🎬🎥 https://youtu.be/xnjWVL7i7HA 📺🎬🎥 This room covers an incident Handling scenario...

Checkout my YouTube Video Writeup https://youtu.be/BbXbbBDW48c Engagement Flow Tools used John Chat GPT Moonwalk Tactics/Techniques...

Attackers workflow mapped Attacker's Summary This summary will cover the attackers workflow as discovered from my point of view. I...

CHALLENGE DESCRIPTION In the race for Vitalium on Mars, the villainous Board of Arodor resorted to desperate measures, needing funds for...

CHALLENGE DESCRIPTION An organization seems to possess knowledge of the true nature of pumpkins. Can you find out what they honestly know...

Attackers workflow mapped Attacker's Summary This summary will cover the attackers workflow as discovered from my point of view. I...