TryHackMeMedium
No Name CTF - TryHackMe Writeup
Room
No Name CTF- TryHackMe Writeup
root@cyber:~
$whoami
> Shivang Tiwari
a.k.a sh1v4ng
$cat ./role.txt
Security Engineer (Red Team Research & Offensive Security)
$cat ./mission.txt
Primary focus on red team security research and VAPT, with automation to scale testing and a light touch on blue/purple fundamentals.
$โ
scroll down
///
About.me
I'm Shivang Tiwari โ a Security Engineer focused on red team research, VAPT, and web/API/cloud attack paths. Currently building AI-powered vulnerability detection at Astra Security.
Explore my work on GitHub ยท CV ยท Resume (PDF)
63
CTF Writeups
1
Research Blogs
27
Security Notes
30+
CTF Events
Top 1%
TryHackMe Rank
5+
Events Organised
1+ Year
Experience
BFCET'24
Hackathon Runners Up
Profiles You Might Find Interesting
TryHackMe
A gamified, hands-on cyber security training platform with blue, red and purple team content for all skill levels.
picoCTF
Beginner-friendly CTF challenges by Carnegie Mellon University. Learn cybersecurity through hands-on challenges.
CTFTime
The main aggregator of CTF competitions and team rankings. Track CTF events and team performance worldwide.
///
Skills.matrix
Attack Chaining & Exploitation92%
Reconnaissance & Attack Surface Mapping90%
Threat Modelling & Risk Analysis88%
Web/API Exploitation (OWASP Top 10)92%
> Key tools:
Burp SuiteOWASP ZAPSQLMapNmapGobusterMetasploit
> Tech stack:
>Additional expertise:
Advanced Persistent Threat SimulationAttack Chain DevelopmentDAST / SAST Pipeline EngineeringAI-Driven Vulnerability DetectionAutonomous Security AgentsCloud Offense & Defense (AWS)API Fuzzing & Business Logic AbuseWAF / IDS Evasion TechniquesThreat Intelligence & ModellingIncident Response & TriageDetection Engineering (Sigma/YARA)Security Automation & Orchestration
///
CTF_Writeups.log
$ cat ./writeups/* | grep -i "interesting"
TryHackMeMedium
Corp Website - TryHackMe Writeup | React2Shell RCE to Root
Room
Corp Website TryHackMe writeup โ Love At First Breach 2026: CVE-2025-55182 React2Shell unauthenticated RCE, Dockerfile leak, and sudo python3 privilege escalation.
TryHackMeEasy
CupidBot - TryHackMe Writeup | LLM Prompt Injection to Three Flags
Room
CupidBot TryHackMe writeup โ Love At First Breach 2026: prompt injection, system prompt leakage, and role impersonation to capture all three flags.
TryHackMeEasy
Cupid's Matchmaker - TryHackMe Writeup | Stored XSS to Admin Bot Flag Theft
Room
Cupid's Matchmaker TryHackMe writeup โ Love At First Breach 2026: stored XSS in survey, admin bot review, and exfiltration of /flag to capture the flag.