<?xml version="1.0" encoding="utf-8" standalone="yes"?><?xml-stylesheet type="text/xsl" href="/blog/rss.xsl"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Posts on zx10r Security Notes</title><link>https://portfolio.aimansam.my/blog/posts/</link><description>Security notes, lab writeups, CTF lessons, and practical methodology entries from zx10r Security Notes.</description><language>en-us</language><lastBuildDate>Mon, 11 May 2026 00:00:00 +0800</lastBuildDate><atom:link href="https://portfolio.aimansam.my/blog/posts/index.xml" rel="self" type="application/rss+xml"/><item><title>B2R Monster Corporate Writeup</title><link>https://portfolio.aimansam.my/blog/posts/monster-corporate/</link><pubDate>Mon, 11 May 2026 00:00:00 +0800</pubDate><guid>https://portfolio.aimansam.my/blog/posts/monster-corporate/</guid><description>A boot-to-root writeup for Monster Corporate, covering SMB enumeration, WordPress admin access, plugin RCE, lateral movement with xxd, and cron-based privilege escalation.</description></item><item><title>Active Directory Lab Notes: Enumeration, Trust Paths, and Privilege Escalation</title><link>https://portfolio.aimansam.my/blog/posts/active-directory-lab-notes/</link><pubDate>Sat, 09 May 2026 18:40:00 +0800</pubDate><guid>https://portfolio.aimansam.my/blog/posts/active-directory-lab-notes/</guid><description>Notes from building and attacking an Active Directory lab, focused on domain enumeration, trust paths, and escalation patterns.</description></item><item><title>A Practical Web Exploitation Workflow for CTFs and Labs</title><link>https://portfolio.aimansam.my/blog/posts/web-exploitation-workflow/</link><pubDate>Sat, 09 May 2026 11:10:00 +0800</pubDate><guid>https://portfolio.aimansam.my/blog/posts/web-exploitation-workflow/</guid><description>A disciplined web testing workflow for mapping application behavior, finding logic flaws, and proving impact cleanly.</description></item><item><title>My First CTF: Enumeration Lessons That Made Exploitation Click</title><link>https://portfolio.aimansam.my/blog/posts/my-first-ctf/</link><pubDate>Wed, 06 May 2026 00:34:31 +0800</pubDate><guid>https://portfolio.aimansam.my/blog/posts/my-first-ctf/</guid><description>How my first rooted CTF target taught me to slow down, enumerate carefully, and turn small signals into a full attack path.</description></item></channel></rss>