How NOT to store secrets in Docker Containers: 3 mistakes to avoid

Think your secrets are safe in Docker? Think again! Storing sensitive data the wrong way can expose passwords, API keys, and certificates to attackers. In this post, we’ll explore three risky methods and a better alternative to keep your secrets secure in containerized environments.

Root Access Series: I see (docker) daemons.

Discover how misconfigured Docker daemons can be leveraged to access restricted files and escalate privileges. This guide walks you through mounting volumes, exploiting containers, and securing your system. A must-read for hackers and sysadmins alike!

My CyberSecurity Journey for 2025

Join me on my 2025 cybersecurity journey! From bug bounty hunting and Hack The Box VIP challenges to mastering Android security and revisiting digital forensics, this year is all about growth and consistency. Let’s learn, share, and hack together—one step at a time.

Root Access Series: did someone forget a CronJob?

As the title suggests, in this article, we’ll dive into another exciting way to gain precious root access—this time by exploiting forgotten cronjobs. But first, if you’re new here or missed the previous article in this series, be sure to check out Part I. It's

Root Access Series: as quick as the snap of your fingers

Discover how to quickly gain root access on Unix systems in this first article of the Root Access Series. Perfect for CTF players or anyone needing to bypass permissions on a server, this guide shows how to exploit misconfigured binaries like vim and find using the powerful GTFOBins guide.

Does anyone know what’s going on here?

Welcome to my blog! I’m Ori, an Application Security Engineer exploring cybersecurity, digital forensics, and creative hobbies. Expect a mix of tech journeys, DIY projects, and random musings—like my thoughts on books. Let’s share laughs, lessons, and adventures together.