2026

• 02 Feb How I keep updated in the infosec industry

2025

• 12 Aug Vtenext 25.02 vulnerability research
• 24 Apr Incorrect Authorization to Authenticated (Contributor+) Multiple Media Actions in Prevent Direct Access Wordpress Plugin (CVE-2025-3861)
• 15 Mar Effective Notes for OSCP, CTFs and Pentests with Obsidian (2025)

2024

• 02 Dec Pentesting Salesforce Communities
• 27 Feb Let's talk about communities with Meethack Torino

2023

• 23 Dec How NOT to react to a responsible disclosure (CVE-2023-47444)
• 14 Nov Authenticated Static Code Injections in OpenCart (CVE-2023-47444)
• 29 Jun Digital Private Vault (APK) - Subverting an (in)secure Android vault
• 16 May Getting Started with GeoGuessr and OSINT (UMDCTF 2023)
• 16 May Defeating custom password reset tokens
• 30 Apr How to set up an Android Penetration Testing Lab from scratch
• 12 Apr WAF bypass and vulnerability chain exploiting parser differentials
• 28 Mar Finding SSTI in an EJS app using existing exploits and undocumented features
• 28 Mar HackTheBox - Blunder
• 28 Mar HackTheBox - Noter
• 28 Mar HackTheBox - AdmirerToo
• 28 Mar HackTheBox - Armageddon
• 28 Mar HackTheBox - Spectra
• 28 Mar HackTheBox - Postman

2022

• 21 Dec Exploit Arbitrary Deserialization through Blind SQL Injection
• 01 Nov 0xbro, from developer to pentester (Beyond technology, Ep. 01)
• 20 Sep Intercept HTTPS on non-rooted Android devices
• 20 Aug HackTheBox - Timelapse
• 20 Aug HackTheBox - Late
• 11 Jul Taking effective notes for CTF, OSCP and other labs
• 09 Jul HackTheBox - RouterSpace
• 19 Jun HackTheBox - Paper
• 25 Apr Exploit Zip Slip vulnerability in python tarfile
• 31 Mar Bypass certificate pinning with Frida and Xposed
• 15 Mar Reverse and patch an easy APK
• 25 Feb The 5 BEST platforms to practice Ethical Hacking in 2022

2021

• 28 Sep Bypassing addslashes() using format string to get SQL Injection
• 01 Sep Pickle Insecure Deserialization
• 28 Aug HackTheBox - Knife
• 07 Aug HackTheBox - Love
• 31 Jul HackTheBox - TheNotebook
• 03 Jul HackTheBox - Ophiuchi
• 12 Jun HackTheBox - Tenet
• 05 Jun HackTheBox - ScriptKiddie
• 04 Jun My OSCP Journey
• 22 May HackTheBox - Delivery
• 14 May HackTheBox - Ready

2020

• 05 Jul HackTheBox - Tabby
• 14 Mar HackTheBox - Traceback
• 04 Jan HackTheBox - OpenAdmin

2019

• 30 Nov HackTheBox - Obscurity
• 16 Nov HackTheBox - Traverxec
• 08 Jun HackTheBox - Writeup