CTF Writeups
HTB Cicada: From Password Spraying to Token Abuse
Active Directory machine: password spraying for initial foothold, LDAP enumeration, and domain admin access through SeBackupPrivilege token abuse.
CTF Writeups
DNS enumeration reveals a hidden banking application. File upload restriction bypass for webshell access, then root via writable SUID binary.
Vulnerability Research
Chained XSS and prompt injection in Moodle GeniAI plugin v2.3.6 via PDF upload. Demonstrates AI-integrated plugin security risks.
Penetration Testing
Insecure direct object reference in Moodle's OpenAI Chat Block plugin exposing unauthorized access to chat data. Full exploitation walkthrough and CVE details.
Penetration Testing
Stored XSS in Moodle PDF Annotator plugin v1.5 release 9 through malicious annotation content. Technical analysis and responsible disclosure details.
Vulnerability Research
Stored XSS vulnerability in Decap CMS versions up to 3.8.3 allowing script injection through content fields. Includes PoC and remediation steps.