Skip to content
Profile photo
Muntazir Mehdi
Offensive Security
Back to Home

Writing

Notes from cert prep, lab practice, and mistakes I do not want to repeat.

3 posts

Root Without a Password: Testing Copy Fail 2 on Ubuntu 24.04

Root Without a Password: Testing Copy Fail 2 on Ubuntu 24.04

2026·8 min read

My hands-on test of the public Copy Fail 2 PoC on Ubuntu 24.04, how the CVE-2026-43284 xfrm and ESP page cache write path reached root, and what mitigation worked in my VM.

Root Is Not The End: Lessons from the HTB Dante Pro Lab

Root Is Not The End: Lessons from the HTB Dante Pro Lab

2026·6 min read

Dante taught me the parts of internal pentesting that standalone boxes do not force enough: pivoting, credential reuse, note discipline, and treating root as the start of post-exploitation.

How I Scored 95% in the Blue Team Level 1 (BTL1) Exam on My Second Attempt

How I Scored 95% in the Blue Team Level 1 (BTL1) Exam on My Second Attempt

2025·5 min read

My journey from failing the BTL1 exam to scoring 95% on my second attempt. Learn about my preparation strategy, key mistakes, and tips for success.