kpawloSetting up a ‘system-wide’ TOR proxy on WindowsTOR bundle + Proxifier — system wide TOR proxy for Windows — setup guideApr 26Apr 26
kpawloHow to pass the Portswigger Burp Suite Certified Practicioner on your 1st tryI am now a Burp Suite Certified Practicioner. I managed to pass the certification on the 1st try, following are my thoughts, tips, and…Apr 24Apr 24
kpawloThe story of my first ever CVE (CVE-2024–29863)This one will be kept short. I want to briefly desribe the process of my first CVE to anyone concerned or interested enough to read.Mar 22Mar 22
kpawloWSL KALI — setup and config guideWhat is WSL? Windows Subsystem for Linux (WSL) is a feature of Windows that allows you to run a Linux environment on your Windows machine…Feb 13Feb 13
kpawloPortswigger LLM labs — walkthroughFeel free to check out the way I tackled the very valuable Portswigger LLM labs.Jan 29Jan 29
kpawloBefriending Procmon — my views and go-to methods for analysisWhat is Procmon? Procmon is a comprehensive monitoring tool that gives users the power to track and record system events. It consolidates…Jan 25Jan 25
kpawloPortswigger Mystery labs — my methodologyFor everyone that’s in the process of getting through the Portswigger Academy labs or preparing for the Certified Burp Practitioner…Jan 19Jan 19
kpawloSetting up a web server with virtual hosts using Flask with Apache2 Reverse ProxyA straightforward guide on how to set up a simple flask app server with apache2 reverse proxy for easy virtual host lab.May 8, 2023May 8, 2023
kpawlo[HTB:POSTMAN]Vulnerable Redis — id_rsa disclosure — password reuse — vulnerableThis is an easy CTF challenge called Postman hosted on HackTheBoxApr 18, 2023Apr 18, 2023
kpawlo[THM:ALFRED]jenkins-powershell-WINtoken impersonationTeaches how to exploit a common misconfiguration on a widely used automation server(Jenkins — tool used to create continuous…Apr 3, 2023Apr 3, 2023