// offensive security · penetration testing · research

Tyler Vaughan
Cybersecurity Portfolio

Welcome. I'm Tyler. I am an aspiring cybersecurity professional. This site is where I keep an evolving record of what I've worked on.

Read writeups → About me

Recent writeups

all writeups →

2026.06.12 htb · web · ssti · firejail · rust · linux · medium

HTB: Sandworm — SSTI to Root via Rust Crate Hijacking

A walkthrough of HackTheBox Sandworm, demonstrating a PGP-based SSTI foothold, lateral movement through Rust crate hijacking, and privilege escalation via CVE-2022-31214 in Firejail.

2026.05.08 htb · active-directory · kerberos · bloodhound

HTB: Forest — AS-REP Roasting to Domain Admin

A walkthrough of HackTheBox Forest, demonstrating an AS-REP roast → BloodHound → DCSync attack chain on a misconfigured Active Directory environment.

Tyler Vaughan
Cybersecurity Portfolio

Recent writeups

HTB: Sandworm — SSTI to Root via Rust Crate Hijacking

HTB: Forest — AS-REP Roasting to Domain Admin

Recent posts

My OSCP+ Journey: Preparation, Failure, and What Finally Got Me Certified

Why I'm building this site

Tyler VaughanCybersecurity Portfolio

Recent writeups

HTB: Sandworm — SSTI to Root via Rust Crate Hijacking

HTB: Forest — AS-REP Roasting to Domain Admin

Recent posts

My OSCP+ Journey: Preparation, Failure, and What Finally Got Me Certified

Why I'm building this site

Tyler Vaughan
Cybersecurity Portfolio