Cyber Security & Tech Articles

HTB Giveback Writeup & Walkthrough
HTB Giveback Writeup & Walkthrough
HTB Giveback Look, if you've spent any time grinding through complex lab environments or knocking out rooms, you already know that some machines are just built different and are specifically... Read more...
Best AI Security Certifications in 2026 | Expert Breakdown
Best AI Security Certifications in 2026 | Expert Breakdown
Look, if you've been hanging around the cybersecurity space for any amount of time lately, you've probably noticed that the ground is completely shifting beneath our feet when it comes... Read more...
HTB Soulmate Writeup
HTB Soulmate Writeup
In HTB Soulmate, we chain together two devastating 2025 CVEs, turning what looks like a standard web server into a lesson on why enterprise file transfer solutions are often the... Read more...
HTB Signed Writeup
HTB Signed Writeup
If you’ve been looking for a HackTheBox machine that genuinely sits at the intersection of CTF learning and real-world red teaming, then the recently retired HTB Signed box is worth... Read more...
False Confidence in the SOC: The YARA Rule Problem
False Confidence in the SOC: The YARA Rule Problem
In my recent SOC encounters, I cut through the common misconception that syntactically correct equals operationally safe. A YARA rule that compiles is merely the bare minimum, it’s like saying... Read more...
Microsoft Office RCE Zero-Day (CVE-2026-21509) Explained
Microsoft Office RCE Zero-Day (CVE-2026-21509) Explained
In the relentless cycle of cybersecurity patches and panic, it is easy to become desensitized to the term Zero-Day. However, the recently disclosed CVE-2026–21509 demands our immediate and undivided attention,... Read more...
GeoServer: CVE-2025-58360 Vulnerability Analysis
GeoServer: CVE-2025-58360 Vulnerability Analysis
If you think XML External Entity (XXE) vulnerabilities are a relic of the past or just theoretical noise, this walkthrough on the GeoServer CVE-2025-58360 is the wake-up call you need.... Read more...
HTB CodePartTwo Writeup
HTB CodePartTwo Writeup
While many boxes challenge you to find a missing patch or a weak password, HTB CodePartTwo machine attacks the fundamental trust developers place in third-party libraries to sanitize execution environments.... Read more...
HackTheBox Sherlock Brutus Writeup
HackTheBox Sherlock Brutus Writeup
Introduction HackTheBox Brutus is a beginner-level DFIR challenge that includes an auth.log file and a wtmp file as key artifacts. Using these, we’ll track how an attacker conducted an SSH brute force attack, ultimately... Read more...
OSCP vs HackTheBox CPTS 2026 Review
OSCP vs HackTheBox CPTS 2026 Review
 Legacy vs. Innovation For years, the OSCP has been the undisputed Gold Standard of entry-level pentesting certifications. It is the certification HR managers look for. However, Hack The Box (HTB) has... Read more...
HackTheBox Spookypass Challenge Writeup
HackTheBox Spookypass Challenge Writeup
Introduction The “SpookyPass” challenge from Hack The Box’s Hack The Boo 2024 event is a reverse engineering task categorized as very easy. You are provided with an executable that prompts... Read more...
The Ultimate Guide to Active Directory and Windows Server Penetration Testing
The Ultimate Guide to Active Directory and Windows Server Penetration Testing
1. Introduction Active Directory (AD) is not just a directory service; it is the nervous system of the modern enterprise.  It controls who has access to what, enforces security policies,... Read more...