Summary Forge is a simple box that does not involve any guesswork. It is an introduction to Server-Side Request Forgery (SSRF). The main website allowed access to the admin website via SSRF which led to sensitive information disclosure. …

I meant to share this two years ago but I didn’t have the time to do so. I created a script that automates the exploitation of the BitBucket Data Center from path traversal to remote code execution. At the time, there were no available exploits so I created one. Description Atlassian…

Summary Developer is a HARD Linux machine that was released on 18th of August 2021. This machine hosts Developer CTF (created using Python and Django) where users can register and solve CTF challenges. When you successfully completed a challenge, you submit the flag and then you can submit a URL to…