← Find more feeds

infosecwriteups.com

InfoSec Write-ups - Medium

Get the latest updates from InfoSec Write-ups - Medium directly as they happen.

Follow now 69 followers

Latest posts

Last updated about 7 hours ago

Ha-Natraj — LFI Log Poisoning + Apache2 User Hijack + sudo nmap to Root | OffSec PG Play

about 7 hours ago

Ha-Natraj is a machine that demands patience and rewards lateral thinking. The...

Read full

PART 2: I Published a Scam Expose.

about 7 hours ago

PART 2: I Published a Scam Expose. NetEase Sent a Takedown Request...

Read full

When Logout Isn’t Really Goodbye: A Subtle Data Exposure Bug.

about 9 hours ago

When Logout Isn’t Really Goodbye: A Subtle Data Exposure Bug.How a “low...

Read full

eCPPT Powershell for Pentesters INE’s CTF 1 : A Practical Attack Story

1 day ago

This wasn’t just another lab. It felt like walking into a poorly...

Read full

Intigriti April 2026 XSS Challenge Writeup

2 days ago

IntroductionEvery month Intigriti drops a browser challenge. This one was the April...

Read full

We Got Targeted: How Attackers Used Microsoft Teams to Own an Employee’s Machine, And How We Caught…

3 days ago

We Got Targeted: How Attackers Used Microsoft Teams to Own an Employee’s...

Read full

AI Offensive Security: Practical Attacks Against LLM Agents

3 days ago

Red-Team and AppSec Practitioner GuideContinue reading on InfoSec Write-ups »

Read full

WaTF Bank Walkthrough (Part 4): Exploiting Android App Security Flaws

3 days ago

Android Mobile Application Security Testing Write-UpIntroductionContinuing from Part 3, where we explored...

Read full

URL Anatomy & Encoding: Why Your Payloads Break

3 days ago

Your payload was correct. It just never arrived at the server that...

Read full

ShellForge: Building a Constraint-Aware Shellcode Generator from Scratch

3 days ago

How I built a multi-architecture shellcode synthesiser in C that outperforms msfvenom...

Read full

Reverse Engineering the Proscenic 850T Robot Vacuum

3 days ago

How I extracted the localKey with Frida, mapped the Tuya Data Points...

Read full

This Is How I Could Have Reactivated Your Instagram Account Without Your Knowledge

4 days ago

In this write-up, I have shared the story of an Instagram bug...

Read full

Or log in

Everything you care about in one place

InfoSec Write-ups - Medium

Latest posts

Ha-Natraj — LFI Log Poisoning + Apache2 User Hijack + sudo nmap to Root | OffSec PG Play

PART 2: I Published a Scam Expose.

When Logout Isn’t Really Goodbye: A Subtle Data Exposure Bug.

eCPPT Powershell for Pentesters INE’s CTF 1 : A Practical Attack Story

Intigriti April 2026 XSS Challenge Writeup

We Got Targeted: How Attackers Used Microsoft Teams to Own an Employee’s Machine, And How We Caught…

AI Offensive Security: Practical Attacks Against LLM Agents

WaTF Bank Walkthrough (Part 4): Exploiting Android App Security Flaws

URL Anatomy & Encoding: Why Your Payloads Break

ShellForge: Building a Constraint-Aware Shellcode Generator from Scratch

Reverse Engineering the Proscenic 850T Robot Vacuum

This Is How I Could Have Reactivated Your Instagram Account Without Your Knowledge

Try Feeder for free