nerdymark.com

Complete technical writeup of the 'Malware Busters' Go malware reverse engineering CTF challenge. Learn how corrupted UPX headers, garble obfuscation, XOR-encrypted configs, and AES-CBC C2 protocols combine to hide a flag in plain sight. A 2-week journey through anti-analysis techniques and cryptographic red herrings.

Complete technical writeup of the 'Game of Pods' Kubernetes privilege escalation CTF challenge. Learn how path traversal, SSRF, service account token manipulation, and nodes/proxy exploitation chain together for cluster-admin access. A 6-week journey from staging namespace to kube-system secrets.

Complete technical writeup of the Cloud Security CTF #4: 'Needle in a Haystack' challenge. Learn how client-side validation bypass and exposed API secrets led to unauthorized access to an internal knowledge base chatbot. Includes step-by-step attack chain from GitHub OSINT to flag retrieval.

Achieving perfection in the Wiz Cloud Security Championship! Currently sitting at the maximum points with 3 challenges completed and 9 more to conquer. Join me on the leaderboard as we push the boundaries of cloud security expertise.

Complete technical writeup of the 'Breaking The Barriers' Azure OAuth privilege escalation CTF challenge. Learn how dynamic group membership rules combined with guest user invitations can create dangerous privilege escalation paths. Includes step-by-step attack chain from service principal authentication to flag retrieval.