Cybersecurity and comfy tech posts by Yashhttps://yashfren.net/en-ushttps://yashfren.net/blogs/week-22-2026/https://yashfren.net/blogs/week-22-2026/Learning Math and setting up this cool new blog siteMon, 08 Jun 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-21-2026/https://yashfren.net/blogs/week-21-2026/Attending another local cybersec meetup and learning C.Tue, 02 Jun 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-20-2026/https://yashfren.net/blogs/week-20-2026/Finishing the third CWEE module and attending my local cybersec meetup.Mon, 25 May 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-19-2026/https://yashfren.net/blogs/week-19-2026/Finally done with college.Tue, 19 May 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-18-2026/https://yashfren.net/blogs/week-18-2026/A late update.Tue, 12 May 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-17-2026/https://yashfren.net/blogs/week-17-2026/Learning git and starting CWEE prepSun, 03 May 2026 00:00:00 GMTmischttps://yashfren.net/blogs/git-cheatsheet/https://yashfren.net/blogs/git-cheatsheet/A comprehensive Git and GitHub cheatsheet covering everything from setup to advanced features like bisect, worktrees, and interactive rebase.Sat, 02 May 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-16-2026/https://yashfren.net/blogs/week-16-2026/Spending half my paycheck on a new SSD and learning git.Sun, 26 Apr 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-15-2026/https://yashfren.net/blogs/week-15-2026/Spending my 23rd Birthday fixing Windows fuck ups and wasting a weekend after getting drunk asf...Mon, 20 Apr 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-14-2026/https://yashfren.net/blogs/week-14-2026/BSCP done, busy with internship. So much to do, so little time...Sun, 12 Apr 2026 00:00:00 GMTmischttps://yashfren.net/blogs/bscp-review/https://yashfren.net/blogs/bscp-review/My journey from web security noob to passing Portswigger's BSCP certification, with practical exam tips and lessons learned.Wed, 08 Apr 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-13-2026/https://yashfren.net/blogs/week-13-2026/Failing BSCP, then passing (sort of)Mon, 06 Apr 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-12-2026/https://yashfren.net/blogs/week-12-2026/I couldn't attempt the BSCP lolMon, 30 Mar 2026 00:00:00 GMTmischttps://yashfren.net/blogs/prototype-pollution-portswiggerlabs-walkthrough/https://yashfren.net/blogs/prototype-pollution-portswiggerlabs-walkthrough/An intro to Prototype Pollution vulnerabilities and walkthrough of all 10 portswigger labsTue, 24 Mar 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-11-2026/https://yashfren.net/blogs/week-11-2026/Completing 100% of portswiggerSun, 22 Mar 2026 00:00:00 GMTmischttps://yashfren.net/blogs/jwt-attacks-portswiggerlabs-walkthrough/https://yashfren.net/blogs/jwt-attacks-portswiggerlabs-walkthrough/An intro to JWT Attacks vulnerabilities and walkthrough of all 8 portswigger labsThu, 19 Mar 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/oauth-authentication-portswiggerlabs-walkthrough/https://yashfren.net/blogs/oauth-authentication-portswiggerlabs-walkthrough/An intro to OAuth Authentication vulnerabilities and walkthrough of all 6 portswigger labsSun, 15 Mar 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-10-2026/https://yashfren.net/blogs/week-10-2026/2 more topics to goSun, 15 Mar 2026 00:00:00 GMTmischttps://yashfren.net/blogs/requestsmuggling-portswiggerlabs-walkthrough/https://yashfren.net/blogs/requestsmuggling-portswiggerlabs-walkthrough/An intro to HTTP Request Smuggling vulnerabilities and walkthrough of all 22 portswigger labsFri, 13 Mar 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-9-2026/https://yashfren.net/blogs/week-9-2026/90% Portswigger doneSun, 08 Mar 2026 00:00:00 GMTmischttps://yashfren.net/blogs/hostheader-portswiggerlabs-walkthrough/https://yashfren.net/blogs/hostheader-portswiggerlabs-walkthrough/An intro to HTTP Host Header Attacks vulnerabilities and walkthrough of all 7 portswigger labsMon, 02 Mar 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-8-2026/https://yashfren.net/blogs/week-8-2026/80% Portswigger doneMon, 02 Mar 2026 00:00:00 GMTmischttps://yashfren.net/blogs/wcp-portswiggerlabs-walkthrough/https://yashfren.net/blogs/wcp-portswiggerlabs-walkthrough/An intro to Web Cache Poisoning vulnerabilities and walkthrough of all 13 portswigger labsMon, 23 Feb 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-7-2026/https://yashfren.net/blogs/week-7-2026/6 topics left until Portswigger is done for goodMon, 23 Feb 2026 00:00:00 GMTmischttps://yashfren.net/blogs/ssti-portswiggerlabs-walkthrough/https://yashfren.net/blogs/ssti-portswiggerlabs-walkthrough/An intro to SSTI vulnerabilities and walkthrough of all 7 portswigger labsFri, 20 Feb 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/graphql-portswiggerlabs-walkthrough/https://yashfren.net/blogs/graphql-portswiggerlabs-walkthrough/An intro to GraphQL API vulnerabilities and walkthrough of all 5 portswigger labsThu, 19 Feb 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-6-2026/https://yashfren.net/blogs/week-6-2026/Starting advanced topics on portswiggerSun, 15 Feb 2026 00:00:00 GMTmischttps://yashfren.net/blogs/web-llm-attacks-portswiggerlabs-walkthrough/https://yashfren.net/blogs/web-llm-attacks-portswiggerlabs-walkthrough/An intro to Web LLM Attacks and walkthrough of all 4 portswigger labsSat, 14 Feb 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/insecure-deserialization-portswiggerlabs-walkthrough/https://yashfren.net/blogs/insecure-deserialization-portswiggerlabs-walkthrough/An intro to Insecure Deserialization and walkthrough of all 10 portswigger labsFri, 13 Feb 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/clickjacking-dombasedvulns-websockets-portswiggerlabs-walkthrough/https://yashfren.net/blogs/clickjacking-dombasedvulns-websockets-portswiggerlabs-walkthrough/Client-side vulnerabilities walkthrough - Clickjacking, DOM-based XSS, and WebSocketsSun, 08 Feb 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-5-2026/https://yashfren.net/blogs/week-5-2026/Finishing Client Side vulnerabilities and moreSun, 08 Feb 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-4-2026/https://yashfren.net/blogs/week-4-2026/Start of BSCP PrepSun, 01 Feb 2026 00:00:00 GMTmischttps://yashfren.net/blogs/csrf-cors-portswiggerlabs-walkthrough/https://yashfren.net/blogs/csrf-cors-portswiggerlabs-walkthrough/A comprehensive guide to CSRF and CORS vulnerabilities with walkthroughs of all 15 Portswigger labsSat, 31 Jan 2026 00:00:00 GMTcybersechttps://yashfren.net/blogs/week-3-2026/https://yashfren.net/blogs/week-3-2026/We are so back! or are we...?Sun, 25 Jan 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-2-2026/https://yashfren.net/blogs/week-2-2026/My laptop died broSat, 17 Jan 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-1-2026/https://yashfren.net/blogs/week-1-2026/Update 1 week into this yearSun, 11 Jan 2026 00:00:00 GMTmischttps://yashfren.net/blogs/week-0-2026/https://yashfren.net/blogs/week-0-2026/Plans for this year, goals and stuff to learnSun, 04 Jan 2026 00:00:00 GMTmischttps://yashfren.net/blogs/wcd-portswiggerlabs-walkthrough/https://yashfren.net/blogs/wcd-portswiggerlabs-walkthrough/A comprehensive guide to web cache deception vulnerabilities with walkthroughs of all 5 Portswigger labsSat, 22 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/apitesting-portswiggerlabs-walkthrough/https://yashfren.net/blogs/apitesting-portswiggerlabs-walkthrough/A comprehensive guide to API testing vulnerabilities with walkthroughs of all 5 Portswigger labsFri, 21 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/nosqli-portswiggerlabs-walkthrough/https://yashfren.net/blogs/nosqli-portswiggerlabs-walkthrough/A comprehensive guide to NoSQL injection vulnerabilities with walkthroughs of all 4 Portswigger labsWed, 19 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/xxe-portswiggerlabs-walkthrough/https://yashfren.net/blogs/xxe-portswiggerlabs-walkthrough/A comprehensive guide to XML External Entity (XXE) vulnerabilities with walkthroughs of all 9 Portswigger labsTue, 18 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/ssrf-portswiggerlabs-walkthrough/https://yashfren.net/blogs/ssrf-portswiggerlabs-walkthrough/A comprehensive guide to Server-Side Request Forgery vulnerabilities with walkthroughs of all 7 Portswigger labsSat, 15 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/raceconditions-portswiggerlabs-walkthrough/https://yashfren.net/blogs/raceconditions-portswiggerlabs-walkthrough/A comprehensive guide to race condition vulnerabilities with walkthroughs of all 6 Portswigger labsThu, 13 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/fileuploadvulnerabilities-portswiggerlabs-walkthrough/https://yashfren.net/blogs/fileuploadvulnerabilities-portswiggerlabs-walkthrough/An intro File Upload Vulnerabilities and walkthrough of all 7 portswigger labsTue, 11 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/informationdisclosure-portswiggerlabs-walkthrough/https://yashfren.net/blogs/informationdisclosure-portswiggerlabs-walkthrough/An intro to Information Disclosure Vulnerabilities and walkthrough of all 5 portswigger labsSat, 08 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/accesscontrolvulnerabilities-portswiggerlabs-walkthrough/https://yashfren.net/blogs/accesscontrolvulnerabilities-portswiggerlabs-walkthrough/An intro to Access Control Vulnerabilities and walkthrough of all 13 portswigger labsWed, 05 Nov 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/businesslogicvulnerabilities-portswiggerlabs-walkthrough/https://yashfren.net/blogs/businesslogicvulnerabilities-portswiggerlabs-walkthrough/An intro to Business Logic Vulnerabilities and walkthrough of all 12 portswigger labsMon, 27 Oct 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/oscommandinjection-portswiggerlabs-walkthrough/https://yashfren.net/blogs/oscommandinjection-portswiggerlabs-walkthrough/An intro to OS Command Injection and walkthrough of all 6 portswigger labsWed, 22 Oct 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/pathtraversal-portswiggerlabs-walkthrough/https://yashfren.net/blogs/pathtraversal-portswiggerlabs-walkthrough/An intro to Path Traversal and walkthrough of all 6 portswigger labsMon, 20 Oct 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/authvuln-portswiggerlabs-walkthrough/https://yashfren.net/blogs/authvuln-portswiggerlabs-walkthrough/An intro to Authentication Vulnerabilities and walkthrough of all 14 portswigger labsSun, 19 Oct 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/sqli-portswiggerlabs-walkthrough/https://yashfren.net/blogs/sqli-portswiggerlabs-walkthrough/An intro to SQL injection and walkthrough of all 18 portswigger labsThu, 02 Oct 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/nomoreoscp/https://yashfren.net/blogs/nomoreoscp/A brief post on why I am ditching the OSCP and what I will be doing insteadTue, 30 Sep 2025 00:00:00 GMTmischttps://yashfren.net/blogs/reportingtips/https://yashfren.net/blogs/reportingtips/A step by step guide of how I approached reporting for CPTS and passed in the first attemptFri, 15 Aug 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/cptsexperience/https://yashfren.net/blogs/cptsexperience/My journey from beginner to passing HTB's CPTS certification, with practical exam tips and lessons learned.Sun, 03 Aug 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/week3oscpprep/https://yashfren.net/blogs/week3oscpprep/Passing the CPTS, an existential crisis and burnoutSun, 03 Aug 2025 00:00:00 GMTmischttps://yashfren.net/blogs/week2oscpprep/https://yashfren.net/blogs/week2oscpprep/Another week of waiting for my CPTS results and solving XSS labsTue, 29 Jul 2025 00:00:00 GMTmischttps://yashfren.net/blogs/xss-portswiggerlabs-walkthrough/https://yashfren.net/blogs/xss-portswiggerlabs-walkthrough/An intro to Cross Site Scripting and walkthrough of all 30 portswigger labsMon, 28 Jul 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/week1oscpprep/https://yashfren.net/blogs/week1oscpprep/Where have I been? Update on the CPTS journey, and the start of the OSCP journeyMon, 21 Jul 2025 00:00:00 GMTmischttps://yashfren.net/blogs/footprinting/https://yashfren.net/blogs/footprinting/Footprinting common servicesSun, 16 Mar 2025 00:00:00 GMTcybersechttps://yashfren.net/blogs/nmap/https://yashfren.net/blogs/nmap/A detailed cheatsheet for using Nmap in penetration testing.Sun, 09 Mar 2025 00:00:00 GMTcybersec