Articles & Write-ups

In-depth security analysis, cyber security write-ups, and technical documentation

CTF Challenge

4 Vulnerabilities Exploited

CTF Write-up, Web Security, Mobile Security

CloudSek Hiring CTF - Round 1

December 2025 | 15 min read

A comprehensive security analysis covering four distinct challenges from CloudSek's hiring CTF. Explores NITRO speed-based automation, XXE injection vulnerabilities, PHP type confusion in multi-factor authentication, and Android APK reverse engineering with JWT forgery leading to complete system compromise.

XXE Injection, JWT Forgery, Type Confusion, Mobile Security, BeVigil, Python Automation

SSTI to RCE

Complete System Takeover

CTF Write-up, SSTI, RCE

Boot Sequence - CloudSek Hiring CTF Round 2

December 14, 2025 | 20 min read | CVSS 10.0 (Critical)

An in-depth exploitation walkthrough of an orbital relay control system. Starting from hardcoded credentials in JavaScript files, progressing through JWT secret cracking and token forgery, and culminating in Server-Side Template Injection (SSTI) exploitation to achieve Remote Code Execution on a Flask/Jinja2 application.

SSTI, JWT Cracking, Jinja2, Flask, RCE, Privilege Escalation

More Articles Coming Soon!

I'm constantly working on new security research, CTF challenges, and technical write-ups. Stay tuned for more in-depth analysis and educational content.
