Tamago Security

I once spent 20 minutes on a red team engagement searching for a Mimikatz command I had definitely written down somewhere. It was in a Microsoft Teams chat. From myself. To myself. Sent 8 months ago. That was the moment I realized my “system” was actually just chaos with extra steps. I had notes in Notion, screenshots in Downloads, bookmarks in Chrome, and half-remembered commands floating in my head like lost packets. So I built something dumber, stricter, and way more useful. Why Obsidian?...

HTB Facts – Season 10 write-up (rephrased / restructured version) Easy Linux box to open the season — classic web → LFI → SSH key → passphrase cracking → sudo misconfiguration. 1. Reconnaissance & Port ScanQuick full-port scan: 1234PORT STATE SERVICE22/tcp open ssh OpenSSH 9.9p1 Ubuntu 3ubuntu3.280/tcp open http nginx 1.26.3 (Ubuntu)54321/tcp open http MinIO (Golang net/http) Added facts.htb to /etc/hosts and ran version + default script scan on the three...

If you’re into wireless pentesting or ethical hacking, the Alfa AWUS036ACH is a go-to Wi-Fi adapter. It consistently ranks in the top 5 for Kali Linux compatibility, thanks to its support for monitor mode and packet injection. However, it’s not plug-and-play—Kali doesn’t support it out of the box. In this post, I’ll walk you through the installation process step by step, based on my recent setup. Getting StartedPlug the AWUS036ACH into a USB port on your Kali machine using the included cable....

Flutter apps are notoriously difficult to intercept—they ignore system proxies and use BoringSSL with custom certificate pinning. This guide walks through setting up a VPN on Kali to route iOS traffic, disabling TLS verification with Frida, and capturing packets in Burp. It’s applicable to Android with minor adjustments. BackgroundRecently I dove into mobile pentesting for the first time with a Flutter-based app on iOS. Flutter’s architecture makes traffic interception painful because: No sy...

Blue is a straightforward Windows box on HackTheBox, rated easy, that demonstrates the dangers of unpatched systems. We start with an Nmap scan revealing it’s Windows 7 SP1, vulnerable to EternalBlue (MS17-010). Using Metasploit’s exploit module, we get a SYSTEM shell immediately and grab both flags. No privesc needed. ReconnaissanceI kicked off with a full port Nmap scan, adding version and script scanning to get as much info as possible: 12345678910111213141516171819202122232425262728293031...

“1% better everyday.” That’s the core philosophy behind Tamago Security. Hi, I’m TamaGorengs. I’ve been in the cybersecurity industry for over 3 years, starting my journey in the trenches of a SOC (Security Operations Center) before transitioning to the offensive side as a Penetration Tester. Why this blog?In this industry, the learning never stops. I’ve spent countless hours grinding through certifications like OSCP, PNPT, and CPTS. I’ve spent even more hours staring at terminal screens, deb...

Welcome to my new blog! I’m currently working on some HackTheBox writeups that will be published as soon as the machines expire. Stay tuned for: Penetration Testing Writeups Vulnerability Research Security Tooling For now, check out the About page to learn more.