This write-up contains solutions of few challenges from ScriptCTF 2025, where I (solo) bagged 403rd place out of 1767 teams from all over the world. It contained challenges suitable for beginners t...

NahamCon CTF 2025 write-up Hello folks, this is my first write-up for my first CTF contest, The NahamCon CTF 2025 by Ben Sadeghipour aka Nahamsec. I have covered warmup and easy challenges that i w...

Note: This blog is completely based on OWASP guide for prevention of Cross Site Scripting (XSS), but it is put in my own words so it can be understood in a simpler way. Cross Site Scripting is a ...

Note: This blog is completely based on OWASP guide for prevening SQL Injection Attacks, but it is put in my own words so it can be understood in a simpler way. SQL injection is a process of injec...

A no-nonsense password vault developed using the LAMP stack, with secure coding practices and robust encryption algorithms. salted hashing for authentication and AES encryption for data storage. S...

A simple HTTP server written in C that demonstrates real memory safety using Fil-C. The code contains patterns that would be easily exploitable in normal C, but Fil-C’s runtime protection catches a...

Overview This script performs automated system hardening by updating the configuration and recommending some manual checks that can help you secure your system and detect any suspicious behaviour....