Blue/Red Reports

This section contains my Blue and Red Team reports, detailing engagements, methodologies, and findings from various security assessments. I'll update this as new reports are completed, but red teaming keeps me busy, so bear with me if I'm a bit behind!

DC-4 Report

CTF Report(OffSec):: DC-4

DC-4 from OffSec Proving Grounds was a challenging yet rewarding pentest lab that I recently tackled. It tested my skills in enumeration, brute-forcing, command injection, and privilege escalation.

 Djin3 Report

CTF Report(OffSec): Djin3

Djinn3 box from OffSec involved exploiting a Server-Side Template Injection (SSTI) vulnerability in a Flask web app to gain a shell, followed by privilege escalation using the PwnKit exploit. It pushed my skills in enumeration, vulnerability research, and privilege escalation to the limit.