<?xml version="1.0" encoding="utf-8" standalone="yes"?><?xml-stylesheet type="text/xsl" href="/blog/rss.xsl"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Writeups on zx10r Security Notes</title><link>https://portfolio.aimansam.my/blog/categories/writeups/</link><description>CTF and lab writeups focused on attack paths, enumeration decisions, and lessons learned.</description><language>en-us</language><lastBuildDate>Mon, 11 May 2026 00:00:00 +0800</lastBuildDate><atom:link href="https://portfolio.aimansam.my/blog/categories/writeups/index.xml" rel="self" type="application/rss+xml"/><item><title>B2R Monster Corporate Writeup</title><link>https://portfolio.aimansam.my/blog/posts/monster-corporate/</link><pubDate>Mon, 11 May 2026 00:00:00 +0800</pubDate><guid>https://portfolio.aimansam.my/blog/posts/monster-corporate/</guid><description>A boot-to-root writeup for Monster Corporate, covering SMB enumeration, WordPress admin access, plugin RCE, lateral movement with xxd, and cron-based privilege escalation.</description></item><item><title>My First CTF: Enumeration Lessons That Made Exploitation Click</title><link>https://portfolio.aimansam.my/blog/posts/my-first-ctf/</link><pubDate>Wed, 06 May 2026 00:34:31 +0800</pubDate><guid>https://portfolio.aimansam.my/blog/posts/my-first-ctf/</guid><description>How my first rooted CTF target taught me to slow down, enumerate carefully, and turn small signals into a full attack path.</description></item></channel></rss>