SoftAndoWetto's Blog

Cybersecurity insights, CTF adventures, and thoughts on tech & privacy.

Latest Blog Posts

Cacti CVE-2025-24367 – Authenticated RCE via Graph Template Injection

Cacti CVE-2025-24367 – Authenticated RCE via Gr...

A technical analysis and proof-of-concept of CVE-2025-24367: an authenticated remote code executi...
Inside My First-Round Red Team Interview: Networking, Web Exploits, and Windows Attacks

Inside My First-Round Red Team Interview: Netwo...

A behind-the-scenes look at my Red Team interview. This was a first-round technical and experienc...
Back for Round Two - CyberSec Analyst Interview Part 2

Back for Round Two - CyberSec Analyst Interview...

On-site interview experience at a major tech company's London office: deep dive into endpoint sec...




Latest Writeups

HTB - Browsed

HTB - Browsed

A comprehensive walkthrough of the Browsed machine on HackTheBox, covering initial foothold throu...
HTB - Facts

HTB - Facts

Hack The Box 'Facts' write-up covering web enumeration, MinIO discovery, exploitation of CVE-2024...
HTB - MonitorsFour

HTB - MonitorsFour

A challenging HTB Linux machine using web enumeration, PHP type juggling, Cacti RCE (CVE-2025-243...