<Mehedi/>

Pensieve

A collection of thoughts, tutorials, and write-ups.

Header Injection Leading to Full Account Takeover

How a simple header injection flaw bypassed all protections and led to full account takeover.

2026-05-03
#pentest#account takeover

OTP Bypass via Legacy API Endpoint Leading to Full Account Takeover

Learn how a legacy endpoint bypassed OTP security, leading to full account takeover in a social media app.

2026-04-21
#pentest#account takeover

Prompt Injection: Solving Gandalf by Lakera

Explore prompt injection strategies to solve Lakera's Gandalf challenge and learn how user input overrides AI prompts.

2026-04-15
#AI#LLM#Prompt Injection

Prompt Injection: Reconnaissance

Explore the security risks of Prompt Injection, a vulnerability that manipulates LLM inputs, leading to unintended and potentially harmful responses. This part will only cover the reconnaissance.

2026-04-10
#AI#LLM#Prompt Injection

FINCII2024 CYBER DRILL STEGANOGRAPHY DEEP SEA

Writeup for FINCII2024 STEGANOGRAPHY DEEP SEA

2024-10-31
#FINCII2024#Steganography#Deep_Sea

FINCII2024 CYBER DRILL OSINT MALVERTISING

Writeup for FINCII2024 OSINT MALVERTISING

2024-10-28
#FINCII2024#OSINT#Malvertising

FINCII2024 CYBER DRILL BOOT 2 ROOT

Writeup for FINCII2024 BOOT2ROOT

2024-10-26
#FINCII2024#BOOT2ROOT

Hack The Box LoveTok

Writeup for Hack The Box LoveTok

2023-11-03
#htb#lovetok#web

Designed & Built by Mehedi Hasan

© 2026 All Rights Reserved.