Cybersecurity, Linux & Web Development Blog
RSS FeedI'm a passionate Technologist, and I write about web development, programming, cyber security, Linux and all tech related things.
Check my Posts , they are written in the way I would have liked to read them - simple and to the point, over to the point.
Featured
Access Kubernetes NodePort Services with Subdomains
Published: at 07:50 AMExpose Kubernetes NodePort services via subdomains using wildcard DNS and NGINX, without an Ingress controller.
Presenterm
Published: at 02:56 PMWhy I like Presenterm for tech talks: write slides in Markdown, keep them in git, get code highlighting, diagrams and images, and present everything directly from the terminal.
Deploy a Free Self-Hosted Gist Website on GCP’s e2-micro using Cloudflared
Published: at 06:13 AMSet up a free GCP e2-micro VM to host a self-hosted Gist with Opengist, secured via Cloudflare Tunnel — no cost, no open ports, fully controlled by you.
Certified Red Team Operator (CRTO) Review
Published: at 10:08 AMShort review of the Certified Red Team Operator certification: course quality, lab environment, exam format and the AD/red teaming skills I realistically gained from it.
Certified Professional Penetration Tester (eCPPTv3) Review
Published: at 05:56 PMHonest eCPPTv3 review: what the exam looks like, why I failed the first attempt, how I fixed my prep with AD labs, and whether I recommend spending money on it now.
Recent Posts
PG • CTF • Access • Write-Up
Published: at 12:36 PMProving Grounds CTF - Access. File upload vulnerability, Kerberoasting, and SeManageVolumePrivilege abuse.
PG • CTF • Heist • Write-Up
Published: at 12:36 PMProving Grounds Heist write-up: turn a URL feature into SSRF, capture an NTLMv2 hash with Responder, abuse a gMSA password reader and finish with SeRestorePrivilege.
PG • CTF • Hutch • Write-Up
Published: at 12:36 PMProving Grounds Hutch write-up: from LDAP user discovery to abusing WebDAV uploads for ASPX RCE, and finally using LAPS to read back the local Administrator password.
PG • CTF • Vault • Write-Up
Published: at 12:36 PMProving Grounds Vault write-up: drop a malicious URL/SCF file into a writable SMB share, capture a domain user hash, get a WinRM shell and abuse SeRestorePrivilege with Utilman.