HTB - KNOTE
This post explores a process to exploit a hackthebox pwning challenge that is a Kernel Linux heap UAF by reusing the vulnerable object to execute gadgets and performing privilege escalation on the target.
DICECTF - HEAP BABYROP
The challenge provides a binary using libc 2.34 from DiceCTF of 2022, there is a UAF vulnerability that allows us to write arbitrarily in desired locations, abusing the behavior when them program allocates heap chunks.
IAM PRIVESC BY KEY ROTATION 
This writeup explores an IAM role using user policies to achieve the secrets manager.
VULNERABLE COGNITO 
This writeup explores a vulnerable cognito service by altering the attributes of an account.
PWNABLE XYZ - FREESPIRIT
Challenge from pwnable.xyz exploring House of Spirit technique.
GENESIS CTF 2024 - CONFUSION
This writeup explains the exploration process of Confusion challenge with authentication bypass and remote code execution. The app is written in NodeJS.
ROP EMPORIUM
RopEmporium is a platform to learn return oriented programming and there are 8 available challenges to practice.
RAILSGOAT LAB
Notes on a railsgoat lab review, I need to finish checking other points in the code that seem to be pertinent. The purpose of doing this lab was to understand some Rails behaviors and understand how it is structured.