Blog
Writeups, tutorials and technical notes.
Phase 1 done: 8 weeks of pentesting, what I'd do differently
Eight weeks, two GitHub projects, a 69% quiz, and two weeks where I clearly dropped the ball. End of phase 1, unfiltered review.
6 weeks of pentesting: what I still didn't know
31/45 on the quiz. Six weeks of work and I still confused filtered with closed. Here are the gaps I found in my fundamentals, and how I fixed them.
I coded my own nmap (a much simpler one)
One socket, one loop, and 1024 ports scanned in seconds. What I understood by building a port scanner from scratch instead of just running nmap.
Eight ways I learned to get root on a Linux box
I thought privilege escalation was about finding the right exploit. Turns out it's mostly about reading what was misconfigured and asking: who forgot about this?
The fake `ls` that read a password
A SUID binary, a missing absolute path, and a fake `ls`. How I got a password the program wasn't supposed to share.
The file named `-` that froze my terminal
My first real stumble on Bandit. What a file named `-` taught me about how the shell actually works.