RedTeam Phish Suite | From Idea to Full Graduation Project
A deep dive into building RedTeam Phish Suite — my graduation project and the most technically involved thing I ve built. A full-stack phishing simulation platform that uses OSINT and AI to generate personalized spear-phishing emails per target. From surviving 9 attempts to scrape LinkedIn (and failing 8 times), to a Chrome extension that finally worked, to a dual Red Team / Awareness mode with real-time tracking — this is everything I built, broke, and learned.
The Curator's Exit | CIT@CTF 2026
How We Solved Challenges We Never Opened ? or Who Said You Have to Open the Challenge First ?
Clowns_APT | 0xL4ugh CTF 2026
An OSINT investigation starting from a single ransom image left on a Node.js developer machine. Trace the attacker across all platforms to uncover an attack via a malicious npm package.
cat flag.png | Connectors Ctf 2025
Extracting a hidden flag image by exfiltrating binary data over DNS queries using hex encoding and interactsh.
Stylish-Boss | CatReloaded CTF 2025
Exploiting CSS injection and command injection to bypass CSP and steal admin API keys, leading to full system compromise in a web challenge.
JWT Attacks
A comprehensive guide to JWT (JSON Web Token) vulnerabilities and attacks including signature bypass, algorithm confusion, and header parameter injections.
