Week #4: Why Not Me?

What I Did This Week?

  1. Created three security checklists
  2. Started JS :) cool, right?
  3. Hitting those daily exercise routines with discipline
  4. Working on my big YouTube playlist starting with HTTP vs HTTPS
  5. Use curl, guys
  6. Hacked some random college website (XSS + LFI + SQLi)
  7. Got a duplicate on another report (No, I’m not crying)
  8. Working with APIs: Made a little project to download my wallpapers
  9. Got a critical bug just by doing deep recon
  10. Twitter is wild; I am leaving it
  11. HackTheBox Backfire machine backfired at me, lmao
  12. I believe I can do more, and I will
  13. Fighting with someone whom I thought was a real cool hacker (yes, LiveOverflow)

Note: Before starting this, I know I used to make tutorials and similar blogs, but now I’m just sharing what I did this week. I’m so busy lately that I can’t even manage everything myself, but I’ll try to fix it. Dude, it’s like I’m taking only 3-4 hours of sleep nowadays, and during MMA training, I sometimes just black out. I’m typing this so fast because there are still tasks to finish before Monday, lol.


Created Three Security Checklists

I was tasked to create some checklists, including:

  • API security and attacking list
  • Top 100 bug bounty tools list
  • GraphQL attacking list
  • Active Directory checklist

I’ve completed the API, tools, and GraphQL checklists. For the Active Directory one, I need to finish it today. Once the README is done, I’ll share it. I’m not great at documentation, but hey, ChatGPT is, haha.

Yes, this is the same checklist I was yapping about on Twitter and begging for suggestions!

Checklist Research


Started JS :) Cool, Right?

I talked to some developers and realized that JavaScript isn’t just for XSS, lmao! I’m learning it to create games and cool, fun projects. For example, maybe a project where you can click on profiles to decide “who yaps a lot” on Twitter.

Currently, I’ve barely reached the functions part but will cover OOP soon. Once I do, devs better watch out because we’re taking over!


Hitting Those Daily Exercise Routines with Discipline

I’m putting in the work:

  • 300 pushups
  • 200 situps
  • 200 squats
  • Regular MMA training
  • 5 minutes of meditation

It’s really hard at first, especially since I don’t have a strict routine, but I’m making progress. Hearing from my internet friends that they see these posts and try it themselves is incredibly motivating. It feels great to inspire others, even a little.

Motivation


Working on My Big YouTube Playlist Starting with HTTP vs HTTPS

I’ve started working on a YouTube playlist. I’ll make a ton of videos, maybe even go live since I hate editing. My videos will be raw, unfiltered content, lmao.

If anyone reading this knows about video editing, please teach me!


Use Curl, Guys

Seriously, curl is all you need. Play the HackTheBox machine named “2 Million,” and you’ll see what I mean.


Hacked Some Random College Website (XSS + LFI + SQLi)

Lmao, I was in the office, and someone from the marketing team sent a link in the Teams chat. I noticed it had .php, and I was like, “Let’s do something crazy.”

Long story short, I did. I posted about it on Twitter—just for educational purposes (kidding, I was bored and wanted someone to reply to my tweet). See how alone I am?

Hacking


Got a Duplicate on Another Report (No, I’m Not Crying)

My favorite program sent me a duplicate report. They basically said, “Here’s your duplicate, go cry somewhere else.” Little do they know, I thrive on duplicates!

Duplicate Life


Working with APIs: Made a Little Project to Download My Wallpapers

While learning JS, I thought, “Why not make a cool project?” The problem is, I’ve only used JS for XSS and CORS stuff. The last time I made something cool was in my first year of college: a game that ended up being a meme.

Now, I’m writing a wallpaper downloader.

API Fun


Got a Critical Bug Just by Doing Deep Recon

This was wild. I found a plaintext password that got me into an account. Honestly, I didn’t think it would work, but it did! Now, I’m waiting for the response.

Critical Bug


Twitter Is Wild; I Am Leaving It

Some of my posts blew up: 300K and 100K views! One was a Google dork I shared while half asleep, lmao. People kept engaging with it, but where were you when I was sharing something cool?

Anyway, Twitter is chaotic. It reminds me of 2024, when my Mr. Robot and HackTheBox posts blew up. People even accused me of “out of reach.” Dude, what is reach? I’m not Elon Musk.


HackTheBox Backfire Machine Backfired at Me, Lmao

I barely solved this one on the last day, but I’m glad I did. I almost tried it in the office but waited until Saturday. Otherwise, I’d have been kicked out of the season, and my team would call me a noob.

Backfire


I Believe I Can Do More, and I Will

This is what I tell myself. I have the power and mentality to do amazing things. I just need pure discipline and direction. Watch—I’ll make it happen!


Fighting with Someone I Thought Was a Cool Hacker (Yes, LiveOverflow)

This one’s controversial. I used to watch LiveOverflow’s binary exploitation playlist in high school. Never thought he’d make lame comments toward me. People do change after gaining followers.

I don’t care about followers; I have friends. If I ever see him at a conference, I know what I’ll say. They think they’re on top? Where’s the 0-day?

Controversy

People told me to delete this post, but I won’t, no matter how many fanboys come after me. His explanation makes no sense. If he hates spam in comments, why not turn them off? That’s why I love George Hotz; at least he’s real and doesn’t act.


That’s it for this crazy week. I’ll try to use Twitter less, stay calm, and work on myself. Love you all! Have a great upcoming week.

This post is licensed under CC BY 4.0 by the author.