Hands-on practice is where the theory clicks. I use platforms like TryHackMe and Hack The Box to sharpen my skills, and this page is where I document the key learnings from each lab I complete.
TryHackMe
Authentication, Enumeration & Predictable Tokens
EasyExploring user enumeration via error messages, automated enumeration, and brute forcing predictable password reset tokens with Burp Suite.
Read the write-up →My Approach
These aren't full walkthroughs — I focus on the key takeaways, the techniques I learned, and the mistakes I made along the way. The goal is to reinforce my own learning and hopefully help others who are working through the same labs.
I won't include flags or step-by-step solutions for active machines. If a machine is retired, I may go into more detail.