-
002 | PortSwigger Lab: Username enumeration via response timing
This post details my step-by-step process for solving an authentication lab on PortSwigger Academy. The lab effectively demonstrated how subtle vulnerabilities in login mechanisms, such as response timing differences and IP-based blocking, can be exploited to compromise user credentials.
-
001 | PicoCTF – Corrupted File WriteUp
In this CTF challenge, a corrupted file needs to be analyzed through hex examination in the Linux terminal and repaired. The file is in JPEG format but cannot be recognized by the system because its magic bytes are corrupted. The goal is to add the appropriate JPEG magic bytes through hex editing and recover the file.
-
001 | PortSwigger Lab: Username enumeration via different responses
This post walks through how I solved an authentication lab on PortSwigger and highlights the key things I noticed during the process.