https://733nwolf.is-a.dev/blog/Recent content in Home on Aswin Krishna ( 733n_wolf ) — BlogHugo -- gohugo.ioen-US733nwolf@gmail.com (Aswin Krishna)733nwolf@gmail.com (Aswin Krishna)Sat, 23 Nov 2024 10:00:00 +0000https://733nwolf.is-a.dev/blog/posts/dwva-report-by-aswin-krishna/Sat, 23 Nov 2024 10:00:00 +0000https://733nwolf.is-a.dev/blog/posts/dwva-report-by-aswin-krishna/733nwolf@gmail.com (Aswin Krishna)<p>This post documents the DWVA (Damn Vulnerable Web Application) pentesting engagement conducted by Aswin Krishna.</p> <p>The attached PDF report is available below for inline viewing, and users can also download the file.</p> <div class="pdf-container" data-pdf="https://733nwolf.is-a.dev/assets/pdfs/DWVA_report_by_aswin_krishna.pdf"></div> <h2 id="summary">Summary</h2> <ul> <li>Target: DWVA web application</li> <li>Focus: web application security testing and exploitation</li> <li>Outcome: findings, remediation, and lessons learned</li> </ul> <p>Read the full report inside the embedded viewer above.</p>https://733nwolf.is-a.dev/blog/posts/tjctf_2026_writeups/Fri, 24 May 2024 12:00:00 +0000https://733nwolf.is-a.dev/blog/posts/tjctf_2026_writeups/733nwolf@gmail.com (Aswin Krishna)<h1 id="tjctf---webtreasure-hunt-writeup">TJCTF - web/treasure-hunt Writeup</h1> <p><img src="https://733nwolf.is-a.dev/blog/assets/images/image-53.png?width=102&amp;height=102" alt="CTF Logo"></p> <h2 id="challenge-information">Challenge Information</h2> <ul> <li><strong>Category:</strong> Web</li> <li><strong>Challenge Name:</strong> treasure-hunt</li> </ul> <h3 id="description">Description</h3> <blockquote> <p>Let&rsquo;s go hunt down some treasure! The flag is split into 4 parts. I&rsquo;ll give you the first one right here: <code>tjctf</code></p> </blockquote> <p><img src="https://733nwolf.is-a.dev/blog/assets/images/image-46.png" alt="desc"></p> <hr> <h1 id="recon">Recon</h1> <p>The challenge is a simple web application with multiple hidden clues spread across different endpoints.</p> <h2 id="discovered-endpoints">Discovered Endpoints</h2> <table> <thead> <tr> <th>Method</th> <th>Endpoint</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td>GET</td> <td><code>/</code></td> <td>Main index page containing hidden HTML</td> </tr> <tr> <td>POST</td> <td><code>/</code></td> <td>Form submission endpoint returning a redirect</td> </tr> <tr> <td>GET</td> <td><code>/extra_info</code></td> <td>Redirect destination</td> </tr> <tr> <td>GET</td> <td><code>/robots.txt</code></td> <td>Reveals hidden paths</td> </tr> <tr> <td>GET</td> <td><code>/gold-coffer</code></td> <td>Hidden endpoint containing flag data</td> </tr> <tr> <td>GET</td> <td><code>/static/styles.css</code></td> <td>Stylesheet</td> </tr> <tr> <td>GET</td> <td><code>/static/ship.png</code></td> <td>Image</td> </tr> <tr> <td>GET</td> <td><code>/static/penguin.png</code></td> <td>Image</td> </tr> </tbody> </table> <p>No JavaScript files or authentication mechanisms were present.</p>https://733nwolf.is-a.dev/blog/about/Mon, 01 Jan 0001 00:00:00 +0000https://733nwolf.is-a.dev/blog/about/733nwolf@gmail.com (Aswin Krishna)<p>This blog showcases cybersecurity research, CTF writeups, and pentesting reports from Aswin Krishna.</p> <p>It is powered by the Hugo Awesome Blog theme for a polished reading experience.</p>