CTF Writeups

OPERATION ECHO

Feb 27, 2026 • 7 min read • 58 views

OSINT GEOSINT

Asset Echo went dark in September 2017. All that was left was a single image file and a trail of breadcrumbs. This is a full walkthrough of the OSINT CTF challenge tracking him down, from hidden metadata to a Vigenere cipher, piecing together his final movements one clue at a time.

Cracking the Codes of “Ghost in the Wires” – Part One

Jan 16, 2026 • 4 min read • 89 views

CIPHER CRACKING

If you’ve read "Ghost in the Wires" by Kevin Mitnick, you’ll know it’s a gripping autobiography of one of the world’s most notorious social engineers. But if you look closer, you’ll also find hidden puzzles.

OSINT newsletter: Operation Jaguar

Jan 09, 2026 • 4 min read • 163 views

Easy

OSINT

Write up for the Operation Jaguar challenge

Wgel

Dec 30, 2025 • 4 min read • 149 views

Easy

SSH

For October, everything has been CTFs, blue team labs, and building this blog from scratch. This is a relaxed TryHackMe boot‑to‑root walkthrough where a leaked SSH key and sudo wget abuse turn a basic Apache page into a full root compromise

Mustacchio

Nov 27, 2025 • 3 min read • 107 views

Easy

SSH SUID XXE

A full compromise walkthrough showing how simple misconfigurations led from web discovery to root access through XXE exploitation and a SUID path hijack.

Haunted Pumpkin CTF

Jan 06, 2026 • 6 min read • 185 views

OSINT

Halloween night, I jumped into the Haunted Pumpkin OSINT CTF run by OSINT Switzerland, tackled a series of image‑driven OSINT challenges, and finished with 3101 points in this 30‑hour event.

Brute it

Sep 25, 2025 • 2 min read • 77 views

Easy

SSH SUDO

A full compromise walkthrough showing how thorough enumeration and classic brute-forcing techniques, combined with privilege escalation via sudo misconfigurations, led from initial web discovery to root access in the Brute It room on TryHackMe.