YPYogesh Peelainexploitnotes.hashnode.dev·6h ago · 13 min readHackTheBox : Sweep WriteupSummary Sweep is an Active Directory box built around a self-hosted Lansweeper instance (an IT asset-management platform). The box is a good example of how Lansweeper's own scanning and deployment fea00
YPYogesh Peelainexploitnotes.hashnode.dev·1d ago · 8 min readHackTheBox: NeoVault Challenge WriteupSummary NeoVault is a small banking app (Next.js frontend + REST API) that lets users register, transfer funds, and download PDF statements. The API ships in two parallel versions, v1 and v2. v2 patch00
YPYogesh Peelainexploitnotes.hashnode.dev·1d ago · 5 min readBroncoCTF: Lovely LoginExecutive Summary Lovely Login presents a minimal "Secure Database" login form backed by an Express API at /login. The obvious attack surface — NoSQL operator injection on username/password — turned o00
YPYogesh Peelainexploitnotes.hashnode.dev·1d ago · 5 min readBroncoCTF : Super Secure ServerExecutive Summary Super Secure Server presents a login form that appears to check a username and password, but does nothing of the sort. The page's own JavaScript fetches the "secret" credentials from00
YPYogesh Peelainexploitnotes.hashnode.dev·1d ago · 4 min readBroncoCTF : Unblur me WriteupChallenge A web page at https://broncoctf-unblur-me.chals.io/ presents a "Calculus Review" quiz: Solve 500 derivatives to unblur the image and unlock a secret. Progress: 0 / 500 A blurred image sits 00