# About Calvin Lai (fkclai) This blog serves as an open personal journal where I document all of my experiences with platforms like [HTB ](https://www.hackthebox.com/)& [VulnHub](https://www.vulnhub.com/), CVE Exploit Proof-of-Concepts, exploitation guides, Offensive Security cheat sheets, penetration testing insights, application security coding practices, my perspective on establishing an Information Security Center, and study materials related to Information Security. Most of the techniques recorded here are coming from the Internet by other security researchers. I just reference it and try to consolidate, rethink and reuse it. This is my way of learning, doing, reading, following, and reviewing. Finally, take notes for future study. My Contribution * Social Community * Defensive Security This blog contains the following topics: * [Information Security Centre](/calvin-lai-security/cyber-security/cyber-security-centre-csc.md) * [Application Architecture ](/calvin-lai-security/application-architecture/student-module-registration-flow-series-using-microservices-and-event-driven-architecture.md) * [Application Security](/calvin-lai-security/application-security/securing-react-native-applications-with-java-microservices.md) * [Exploit/CVE PoC](/calvin-lai-security/exploit-cve-poc/exploiting-missing-authentication-in-palo-alto-networks-expedition.md) * [Hacking Report (HTB)](/calvin-lai-security/hack-the-box-writeup/htb-hits-and-summary.md) * [Penetration Testing Work List](/calvin-lai-security/penetration-testing/web-application-pentest.md) * [Red Team (Windows)](/calvin-lai-security/red-team-windows/01-reconnaissance.md) * [Exploitation Guide](/calvin-lai-security/tools/01-reconnaissance.md) * [VulnHub Writeup](/calvin-lai-security/vuln-hub-writeup/mrrobot.md) * [CTF Writeup & Tips](/calvin-lai-security/ctf-writeup/ctf-tools-and-tips.md) * [Useful Command & Tools](/calvin-lai-security/useful-command/kali.md) * [Offensive Security Lab & Exam Tips](/calvin-lai-security/oscp-lab-and-exam/lab.md) * [ISO 27001](/calvin-lai-security/iso-27001/what-is-iso-27001.md) {% hint style="warning" %} #### Disclaimer All material on this website is intended solely for training and academic use. Please be aware that the notes provided here may contain errors. It is highly recommended that you verify the information by consulting the internet and conducting your research. There are multiple methods to achieve the same goals, so feel free to explore and be creative in your approach. Finally, the content shared on this website does not represent the structure, functions, program coding, or tools of any specific organization. My aim is to provide general knowledge and insights to help you understand the importance and complexities of cybersecurity. {% endhint %} {% hint style="info" %} Do not expect the note completed without error. Do check the Internet and try it yourself. Do remember there are many ways to do the same things. Be creative in your work. {% endhint %} > Some people live in dream world; some people live in reality; some make one into the other. > Shoot for the moon, Even if you miss, you'll land among the stars. > 心態 決定境界 態度 決定高度 ![](/files/-MHdh3xL7sry0lPVhVGe) {% embed url="" %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://calvin-lai.gitbook.io/calvin-lai-security/master.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.