A full walkthrough of how a manufacturing dashboard’s client-side authentication model collapsed under a single Burp rule, and how that access chained directly into stored HTML injection across shared pages.

$ ./init

This blog will document offensive security engagements, techniques, and research.

Topics covered:

• Web & API penetration testing
• Active Directory exploitation
• Red team operations
• Mobile security
• Exploit development

Stay tuned.