nerdymark.com

Complete technical writeup of the Cloud Security CTF #4: 'Needle in a Haystack' challenge. Learn how client-side validation bypass and exposed API secrets led to unauthorized access to an internal knowledge base chatbot. Includes step-by-step attack chain from GitHub OSINT to flag retrieval.

Achieving perfection in the Wiz Cloud Security Championship! Currently sitting at the maximum points with 3 challenges completed and 9 more to conquer. Join me on the leaderboard as we push the boundaries of cloud security expertise.

Complete technical writeup of the 'Breaking The Barriers' Azure OAuth privilege escalation CTF challenge. Learn how dynamic group membership rules combined with guest user invitations can create dangerous privilege escalation paths. Includes step-by-step attack chain from service principal authentication to flag retrieval.