https://busolj.github.io/need to fill this up 2025-08-26T02:18:22+00:00 João Pedro Buso Leite https://busolj.github.io/ Jekyll © 2025 João Pedro Buso Leite /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png 2025-08-25T00:00:00+00:00 2025-08-25T00:00:00+00:00 https://busolj.github.io/posts/data-validation-with-python/ João Pedro Buso Leite

Disclaimer: This post focuses on the core idea and technical approach. It does not disclose sensitive details or internal processes of any institution. When working as a Vulnerability Analyst, I noticed a recurring problem: our team spent hours performing repetitive, manual data validation tasks. Every analysis required cross-checking large datasets, cleaning information, and generating repor...

2025-08-21T00:00:00+00:00 2025-08-21T00:00:00+00:00 https://busolj.github.io/posts/thm-rootme/ João Pedro Buso Leite

Hi folks, I hope you all are doing well. This CaptureTheFlag is about service misconfiguration, where it’s possible to connect into the target using FTP with the user Anonymous and use the tar command to escalate the privileges to root. To avoid this kind of situation, the SA (System Administrator) should not let services like FTP configured wrong and should take care of the sudo permission, a...

2025-08-21T00:00:00+00:00 2025-08-21T00:00:00+00:00 https://busolj.github.io/posts/thm-pickle-rick/ João Pedro Buso Leite

Hi everyone. This Capture the Flag is about a web server exploitation, focusing on reconnaissance and Linux knowledge, where the administrator let some credentials inside the source code, which allows access the web server and with help of some misconfigured Linux permissions, it’s able to escalate the privileges into root. To avoid this kind of issue, the developers and the SA (System Adminis...