HackTheBox - Forge

Bypass SSRF filters using domain redirection and abusing Python PDB

H@cktivitycon 2021 - Web

Another late CTF writeups for H@cktivitycon 2021 web category.

HackTheBox - Love

Basic things you can do with SSRF

HackTheBox - Ready

Turns SSRF to remote code execution and escape from a Docker container

HackTheBox - Time

Exploiting an insecure deserialization on Jackson library and how to mitigate it