Blog

All posts

Documenting my journey through CTFs, vulnerability research, and full-stack development.

First CTF Challenge, First Flag Dropped

A full writeup of the Web challenge I authored for GCDxN7 CTF — chaining SQL Injection and SSTI to capture the flag.

CTFSQL InjectionSSTIWeb SecurityChallenge AuthorWriteup

2025-12-15

SSTI-1 picoCTF

Exploiting Server-Side Template Injection in a Flask/Jinja2 web application to read the flag — a step-by-step walkthrough of the picoCTF SSTI-1 challenge.

CTFCybersecurityWEBPICOCTF

2025-05-08