Web penetration tester and security researcher. I document exploits, write-ups, and hard-won lessons from CTFs, labs, and real assessments.
I'm a university student focused on building a career in offensive security and penetration testing.
I'm currently in an intensive learning phase, working toward the Burp Suite Certified Practitioner (BSCP) while developing the practical skills required for OSCP-level work.
This blog serves as a record of that journey - documenting CTF write-ups, lab walkthroughs, and technical breakdowns of real-world attack techniques and tools.
Outside of that, I spend most of my time writing Python for automation, working through TryHackMe labs, and solving challenges on Hack The Box to strengthen my hands-on capabilities.
A zero-cost home NAS built from an old router and a powered 1TB drive, including Windows 11 SMB fixes, mobile access, and the limits of a LAN-only setup.
read postA practical walkthrough of OWASP Juice Shop, covering challenge discovery, exploitation paths, and the use of Burp Suite against a modern training target.
read postA structured walkthrough of PortSwigger SQL injection labs, including manual testing, Python-assisted exploitation, and the reasoning behind each step.
read post