A living portfolio of hands-on offensive security practice — one flag at a time.
Hi, I'm Harshil Makwana, a cybersecurity practitioner actively building depth across offensive security, web exploitation, network analysis, and more. This repository is my public technical portfolio — a structured record of every CTF challenge I've solved, the methodology I applied, and what I learned.
I'm open to cybersecurity roles across:
🌍 International: Netherlands · Singapore · Switzerland · Norway · Germany · Finland
🇮🇳 India: Bangalore · Pune · Hyderabad · Gurugram · Noida
If you're a recruiter, hiring manager, or team lead in any of these locations — feel free to explore the writeups. They reflect how I think through problems, not just what tools I know.
Every writeup here documents the full thought process — the right paths, the wrong turns, and the reasoning behind every decision. If I went down a rabbit hole before finding the solution, that's in here too. Those detours are usually where the actual learning happens.
This repo is not a trophy cabinet. It's a notebook that shows how I approach security problems under pressure — which is closer to real-world work than any certification can be.
All challenges in this repo are solved on TryHackMe — exclusively CTFs.
CTF-Writeups/
│
├── TryHackMe Rooms/
│
└── Resources/
└── cheatsheets, notes, useful references
Structure evolves as the repo grows. Kept intentionally logical and navigable.
The writeups collectively cover a wide range of domains relevant to penetration testing, SOC analysis, red teaming, and security engineering roles:
| Domain | Topics |
|---|---|
| Web Exploitation | SQLi, XSS, SSRF, IDOR, auth bypasses, deserialization |
| Privilege Escalation | Linux & Windows misconfigs, SUID/GUID abuse, kernel exploits |
| Binary Exploitation & Reversing | Buffer overflows, ROP chains, disassembly, binary patching |
| Cryptography | Classic ciphers, RSA flaws, hash cracking, custom crypto |
| Forensics | Disk/memory analysis, steganography, packet capture |
| Active Directory | Kerberoasting, Pass-the-Hash, BloodHound enumeration, lateral movement |
| Network Analysis | Wireshark, traffic inspection, protocol analysis |
| OSINT | Recon techniques, metadata analysis, open-source intelligence |
nmap · gobuster / ffuf · Burp Suite · netcat · pwntools · GDB / peda · IDA Free / Ghidra · Volatility · Wireshark · CyberChef · hashcat / john · BloodHound / SharpHound · Impacket · Metasploit · sqlmap · LinPEAS / WinPEAS
Platform: TryHackMe | Rooms Completed: 12
| # | Room | Difficulty | Primary Domain(s) |
|---|---|---|---|
| 1 | Simple CTF | 🟢 Easy | 🌐 Web · 🔺 Privilege Escalation |
| 2 | Mindgames | 🟡 Medium | 🔐 Cryptography · 🌐 Web |
| 3 | The Marketplace | 🟡 Medium | 🌐 Web Exploitation |
| 4 | Bookstore | 🟢 Easy | 🌐 Web · API Exploitation |
| 5 | JPGChat | 🟢 Easy | 🌐 Web · Command Injection |
| 6 | VulnNet | 🟡 Medium | 🖥️ Network Analysis · 🔺 Privilege Escalation |
| 7 | Unstable Twin | 🟡 Medium | 🌐 Web · 🔺 Privilege Escalation |
| 8 | Biteme | 🟡 Medium | 🌐 Web · Brute Force |
| 9 | Billing | 🟢 Easy | 🌐 Web · 🔺 Privilege Escalation |
| 10 | Light | 🟢 Easy | 🌐 Web · SQLi |
| 11 | GoldenEye | 🟡 Medium | 🖥️ Network Analysis · 🌐 Web |
| 12 | Madness | 🟢 Easy | 🔬 Forensics · 🔺 Privilege Escalation |
Key: 🌐 Web · 🔺 Privilege Escalation · 🔬 Forensics · 🖥️ Network Analysis · 🔐 Cryptography
Domain tags are approximate — update any that don't accurately reflect a room's focus.
Certifications tell you what someone studied. This repo tells you how someone thinks.
Here's what you'll find evidence of in these writeups:
- Structured problem-solving under ambiguity — no one hands you hints in a real engagement
- Tool proficiency across the full offensive stack — not just one specialisation
- Documentation discipline — writeups are clear, reproducible, and methodical
- Self-directed learning — every challenge here was pursued independently
- Security mindset — understanding why vulnerabilities exist, not just how to exploit them
- Retention — Writing it down forces genuine understanding, not just lucky payloads.
- Portfolio — A live record of real problem-solving that speaks louder than a certificate list.
- Community — CTF culture runs on knowledge sharing. Someone helped me at some point (a blog post, a hint, a Discord message) — this is how I give that back.
All writeups are for retired rooms and released challenges. No active challenge solutions are posted here — that's against platform rules, and it defeats the point anyway.
Open to opportunities, collaborations, and conversations about security.
- GitHub: @Harshil015
- TryHackMe: flag.raider · justflagging
- LinkedIn: linkedin.com/in/harshilmakwana
The flags are retired. The skills aren't.