Hell-o World!

I document writeups, technical findings, and blog entries here.

Jin 2026-01-20 8 min read

Boolean-based Blind SQLi with Division-based Extraction

Hi guys, today I will teach you how to exploit Boolean-based Blind SQL Injection. This is a technique I recently used on a penetration test to extract database usernames …

SQL Injection Boolean-Based Blind Web Security

Jin 2026-01-07 8 min read

BSCP Certified: Stuck for an Hour, Done in Two

After a weeks of preparation, countless PortSwigger labs, and more caffeine than I’d like to admit, I finally passed the Burp Suite Certified Practitioner (BSCP) exam. …

BSCP Web Security Bug Bounty