nerdymark.com

Complete technical writeup of the 'Malware Busters' Go malware reverse engineering CTF challenge. Learn how corrupted UPX headers, garble obfuscation, XOR-encrypted configs, and AES-CBC C2 protocols combine to hide a flag in plain sight. A 2-week journey through anti-analysis techniques and cryptographic red herrings.

Complete technical writeup of the 'Game of Pods' Kubernetes privilege escalation CTF challenge. Learn how path traversal, SSRF, service account token manipulation, and nodes/proxy exploitation chain together for cluster-admin access. A 6-week journey from staging namespace to kube-system secrets.

Complete technical writeup of the Cloud Security CTF #4: 'Needle in a Haystack' challenge. Learn how client-side validation bypass and exposed API secrets led to unauthorized access to an internal knowledge base chatbot. Includes step-by-step attack chain from GitHub OSINT to flag retrieval.