Blog on nhantouli

AutopsyMCP

Wed, 27 May 2026 00:00:00 +0000

Building and evaluating AutopsyMCP: a natural language interface for Autopsy built on the Model Context Protocol. What worked, what failed, and what it means for AI in forensic workflows.

CyberSoc IntakeCTF 2024

Fri, 04 Oct 2024 00:00:00 +0000

Writeup for the challenge I created for this year’s IntakeCTF at Warwick.

WordPress CVE Reversing

Mon, 26 Aug 2024 00:00:00 +0000

Reversing CVEs in WordPress Plugins to learn more complex exploitation techniques.

Threat Intelligence with T-Pot

Mon, 05 Aug 2024 00:00:00 +0000

Studying adversary tactics with a honeypot that’s been running for less than a month.

pwnable.kr writeups

Wed, 10 Jul 2024 00:00:00 +0000

This post details my writeups for a few of the challenges at pwnable.kr – a wargame site for pwn challenges. As I make my way through the the other challenges I’ll periodically update this page with additional writeups. I may also work through the Nightmare course to get better at binary exploitation/reverse engineering as I’ve heard positive feedback about it.

fd:

Mommy! what is a file descriptor in Linux?
ssh fd@pwnable.kr -p2222 (pw:guest)

Solution:

There are 3 files provided: the binary fd, the source code fd.c and a flag file flag.

picoCTF flag_shop writeup

Sun, 17 Sep 2023 00:00:00 +0000

This is a write-up for the picoCTF challenge “flag_shop”. PicoCTF is a CTF (Capture the Flag) platform created by Carnegie Mellon University to solve challenges in six different cyber security domains including web exploitation, reverse engineering, binary exploitation, and more. Writeups for this challenge were fragmented and lacked detail, so I took a crack at it to help bring some clarity!

Description:

Solution:

In this challenge we deal with a simple flag store and are provided its source written in C.