astronaut
Logbook
Web Security • Research • CTF

Blog

CTF writeups, research notes, and deep dives.

Jul 02, 2026

My 10-Week HTB Sherlocks Blue Team Roadmap

A practical 10-week HTB Sherlocks roadmap for SOC, DFIR, Blue Team, Purple Team, malware triage, cloud IR, threat intel, and interview prep.

#htb #sherlocks #blue-team #dfir #soc
research
Jun 30, 2026

Filtered Reality

Full-chain CTF writeup for a WordPress and Puppeteer bot challenge involving nonce leakage, DOM clobbering, CSP nonce recovery, RCE, and SHA-256 length extension.

#writeup #wordpress #xss #csp #rce
Sekaictf2026 web hard
Jun 03, 2026

GCP Beginner Path

Phase 6 notes: Google Cloud Storage exposure, hidden file discovery, SSRF, Gopher bypasses, metadata service access, and GCP initial access.

#gcp #cloud-security #google-cloud-storage #ssrf #metadata-service
research
Jun 01, 2026

Azure Beginner Path

Phase 5 notes: Azure Blob Storage exposure, Key Vault abuse, Storage Tables, Entra ID recon, AzureHound, BloodHound, Microsoft Graph, and M365 post-exploitation.

#azure #cloud-security #entra-id #bloodhound #microsoft-graph
research
May 29, 2026

AWS Detection + Blue Team

Phase 4 notes: AWS detection, CloudTrail analysis, Athena queries, Macie, Security Hub, Amazon Detective, and credential abuse response.

#aws #cloud-security #blue-team #cloudtrail #athena
research
May 25, 2026

AWS Privilege Escalation + Service Abuse

Phase 3 notes: privilege escalation paths, trust-policy abuse, and service-level exploitation across S3, IAM, Cognito, SQS, and Lambda.

#aws #cloud-security #privilege-escalation #iam #s3
research
May 23, 2026

Web-to-Cloud Attack Chains

Phase 2 notes: chaining web vulnerabilities into AWS credential theft, secret discovery, and cloud resource compromise.

#aws #cloud-security #web #ssrf #path-traversal
research
May 17, 2026

AWS Storage + IAM Foundation

Phase 1 notes: S3, IAM, account ID discovery, CloudTrail investigation, and exposure risks in EBS/RDS.

#aws #cloud-security #s3 #iam #cloudtrail
research
May 12, 2026

SIEM Analysis Using Splunk BOTS v1

SIEM analysis report converted from PDF to MDX format.

#siem #splunk #botsv1 #security-operations
for
May 12, 2026

Windows Forensics & Event Log Analysis (HTB Sherlock: GhostTrace)

Windows forensics and event log analysis report converted from PDF to MDX.

#forensics #windows #eventlog #htb #sherlock
for