Week starting: 9th February 2026
This was a productive week with a good mix of content creation, learning, and real-world CTF authoring experience.
What I worked on
Content:
- Published two blog posts:
- “The Best Labs Are the Broken Ones”
- “The Problem with ‘Just Google It’ (And Now, ‘Just Ask AI’)”
Site Work:
- Configured Google Analytics on the blog (just for fun) Took inspiration from 0xdf
Learning:
- Attended a HTB meetup session covering a Season 10 machine
- Made solid progress on the Active Directory course, specifically diving into Unauthenticated Enumeration
- Worked through several Sherlocks on HTB to keep defensive skills sharp
CTF Authoring:
- My OSINT challenge for 0xfun CTF went live this weekend
- 17 solves over 48 hours
- Feedback was mostly positive (though some players had… strong opinions about the difficulty)
- Currently focused on authoring challenges for another CTF happening next weekend
Key takeaways
The OSINT challenge experience was valuable. Watching players solve it in real-time, seeing their approaches, and reading the feedback; both the constructive and the “I wanted to finish you” variety, gave me insight into how difficulty is perceived vs. intended.
The AD course content on unauthenticated enumeration is connecting a lot of dots. Understanding what attackers can learn before credentials makes the defensive side much more interesting as I try and trace the trails of those activities.
Publishing two blogs in one week felt good. The rhythm is settling in.
Challenges and friction
Balancing CTF authoring deadlines with learning and content creation required some juggling. The week was busy, but manageable with the routine now in place.
Looking ahead
Next week’s focus:
- Finalize challenges for another upcoming CTF (next weekend)
- Continue the AD course
- Possibly start drafting another blog post (got a few ideas in place)
- Work on 0xfun Osint Challenge Writeup
Building, learning, and shipping; week 5 done.