root.sec
Breaking into web applications, hunting vulnerabilities, and building security tools. Documenting the journey along the way.
* Bug Bounty Hunting
* Vulnerability Research
* Security Tooling
Bug Hunting & Ethical Hacking
Breaking web apps, finding vulnerabilities, and documenting the hunt
CTF Writeups
Walkthroughs of HackTheBox, TryHackMe, and PortSwigger labs with methodology breakdowns.
Bug Bounty
Real-world vulnerability discoveries, hunting techniques, and responsible disclosure stories.
Technical Deep Dives
In-depth analysis of attack vectors, security tools, and exploitation techniques.
Recent Writeups
CMSpit
A TryHackMe room exploiting Cockpit CMS NoSQL injection for initial access, discovering MongoDB credentials, and escalating privileges using exiftool CVE-2021-22204.
Year of the Jellyfish
A hard TryHackMe room involving SSL certificate enumeration to discover virtual hosts, exploiting an unauthenticated RCE in Monitorr v1.7.6 via a custom exploit script, and escalating privileges using the DirtySock snapd vulnerability.
HackTheBox – Kobold
Detailed exploitation walkthrough for HackTheBox Kobold machine, covering CVE-2026-23520 MCP service RCE and Docker daemon privilege escalation.
HackTheBox – VariaType
Detailed exploitation walkthrough for HackTheBox VariaType machine, covering CVE-2025-66034 and vulnerable font processors.
Featured Projects
HybridRecon X
Docker-based, context-aware recon and pentesting framework that fingerprints targets and adapts its scans to the technologies and WAFs it detects.
SafeClick
Chrome extension that analyzes websites in real time to determine their trust score. Detects phishing sites using threat intelligence databases and logic operations.
Ready to secure your assets?
Let's collaborate on security research, penetration testing, or just chat about the latest vulnerabilities.