From PHP Upload Bypass to KeePass Cracking
Two techniques worth remembering from TryHackMe's Opacity — bypassing PHP upload filters with a fragment character, and cracking .kdbx files with keepass2john + john.
Hijacking Spring Boot Sessions via /actuator
How an exposed /actuator/sessions endpoint on the HTB CozyHosting box turns into a full authentication bypass — and a refresher on the sudo ssh GTFObin.