Penetration Testing Journey

Exploring the world of ethical hacking and cybersecurity

Current Focus Areas

Web Application Security

OWASP Top 10 Vulnerabilities
- Injection Flaws
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities
Advanced SQL Injection
- Blind SQL Injection
- Time-based Attacks
- Out-of-band Techniques
Cross-Site Scripting (XSS)
- Reflected XSS
- Stored XSS
- DOM-based XSS
Authentication Bypasses
- JWT Manipulation
- OAuth Vulnerabilities
- Session Management

Network Penetration

Enumeration Techniques
- Service Version Detection
- OS Fingerprinting
- Active Directory Enumeration
Exploitation Methods
- Buffer Overflows
- Remote Code Execution
- Privilege Escalation
Wireless Security
- WPA/WPA2 Cracking
- Evil Twin Attacks
- MITM Techniques

Recent Achievements

HTB
Hack The Box Achievements
- Completed 10 Medium Difficulty Machines
- Ranked in Top 100 in CTF Competition
- Successfully solved Advanced Web Challenges
- Contributed to HTB Write-ups Community
CTF
CTF Competitions
- PicoCTF - Top 20% Globally
- DEFCON CTF Qualifier Participation
- University CTF Team Leader
CERT
Certifications Progress
- eJPT - Completed
- OSCP - In Progress
- Burp Suite Certified Practitioner - Planned

Current Projects

Automated Vulnerability Scanner

Custom Python tool for automating initial reconnaissance and vulnerability scanning.

Python Nmap SQLMap

Web Security Testing Lab

Building a vulnerable web application for practice and teaching purposes.

Docker PHP MySQL

Tools Mastery

Burp Suite Professional
Advanced web application testing
Metasploit Framework
Exploitation and post-exploitation

Study Schedule

Daily Practice

2 hours HTB machines
1 hour web security labs
1 hour documentation review

Weekly Goals

Complete 2 HTB machines
Write detailed write-ups
Participate in 1 CTF