cowabungaOSCP ReviewA look back at the road to obtaining the Offensive Security Certified Professional, having had some time to recover!May 31May 31
cowabunga[HTB] Writeup: StockerOverview: - Subdomain hunting - API Abuse - XSS, SSRF, LFI - Overly permissive user prFeb 18, 2023Feb 18, 2023
cowabunga[HTB] Writeup: BroScienceOverview: - IDOR - Insecure Deserialisation - Hardcoded DB creds - Command InjectionJan 26, 20231Jan 26, 20231
cowabunga[HTB] Writeup — Forgot 10.10.11.188Overview: - Default creds - XSS Cache Poisoning - Session Hijacking - More default creds… - Insecure functionsJan 6, 2023Jan 6, 2023
cowabunga[HTB] Writeup: UpDownOverview: 1. A naive website exposing a git repository with some juicy info. 2. Developer access to a sub-domain allows exploitation of a…Dec 30, 2022Dec 30, 2022
cowabungaHTB — Soccer WriteupOverall, an interesting box with some fiddly bits — rated easy, but leaning towards a medium box, never the less, an oustanding debut from…Dec 19, 2022Dec 19, 2022