Portfolio
Projects & Write-Ups
CTF write-ups, security research, tools, and real-world case studies.
HTB — Buffer Overflow Exploitation
Step-by-step walkthrough of a classic stack-based buffer overflow on a 32-bit Linux binary. Covers fuzzing, pattern creation, bad char analysis, and shellcode injection.
SubEnum — Subdomain Enumerator
A fast multi-threaded subdomain enumeration tool with DNS bruteforce, certificate transparency log scraping, and Shodan integration.
SQL Injection to RCE via File Write
Exploiting a blind SQLi vulnerability to write a PHP webshell via MySQL's INTO OUTFILE, escalating to full remote code execution on the target server.
IoT Attack Surface Analysis
Research into default credentials, exposed admin panels, and insecure firmware update mechanisms across 20 consumer IoT devices. Responsibly disclosed 3 CVEs.
AutoPrivEsc — Linux PrivEsc Checker
Automated Linux privilege escalation checker. Scans for SUID/SGID binaries, writable cron jobs, kernel exploits, and misconfigured sudoers entries.
Phishing Campaign Analysis
Reverse-engineered a credential harvesting phishing campaign targeting financial institutions. Documented infrastructure, evasion techniques, and IOCs.