Home | timsonner.com

Welcome to my Cybersecurity blog where I share tutorials, projects, and insights from my experience and research.

Welcome, visitor!

Terminal

guest@timsonner.com:~

Welcome to timsonner.com Terminal v1.0.0

Type 'help' to see available commands.

guest@timsonner.com:~$

Email Parser

Upload a .eml file or paste raw email content to parse headers, body, and extract attachments. All processing is done locally in your browser.

Proxy Browser

      Ready — enter a URL above
    

        Enter a URL above to begin
      

How it works

Proxy Fetch mode — fetches the target page HTML through a CORS proxy chain (corsproxy.io → allorigins.win → thingproxy.freeboard.io). A <base href> tag is injected so relative assets resolve correctly. A nav interceptor script is also injected so link clicks and form submissions are routed back through the proxy rather than breaking out. Useful for inspecting phishing pages without giving them a real browser session.

Direct iframe mode — sets the iframe src directly. Will be blocked by any site that sets X-Frame-Options or CSP: frame-ancestors.

Latest Posts

Jan 3, 2026
TryHackMe - Cheese CTF

Exploiting LFI via PHP filter chains for RCE, lateral movement via world-writable SSH authorized_keys, and privilege escalation through world-writable systemd timers.
Oct 5, 2025
TryHackMe - Soupedecode 01

Enumerating users using RID brute force, Dictionary password attacks, Kerberoasting, and Passing the hash.
Nov 8, 2023
Windows Server Active Directory VM Setup with VirtualBox and Linux

Guide to setting up an Active Directory Domain Controller in VirtualBox using Kali
Sep 26, 2023
TryHackMe - Bypass Disable Functions

How to get around PHP disabled_functions utilizing Local File Injection (LFI) and a bit on named pipes and reverse shells.
Jul 18, 2023
GoLang malware utilyzing DLL Injection on a remote process

Exploring remote process DLL Injection, DLL writing, and deploying a gob encoded tcp bind shell.
Jul 11, 2023
GoLang malware utilyzing rc4 encryption to avoid shellcode detection

EDR evasion using rc4 encrypted shellcode by writing a file to disk, downloading rc4 encrypted payloads from a server and injecting them into memory.
Jul 8, 2023
TryHackMe - Ice

Standard Nmap and Metasploit with mimikatz thrown into the mix for fun. Vulnerability and exploit research, privilege escalation, RDP sessions, and a few tricks to spy on the target.
Jul 2, 2023
TryHackMe - Intro PoC Scripting

Exploit development from Proofs Of Concept and CVEs. Explore a Ruby exploit, rewrite it in Python. Payload development, authentication development. Just a really good room for coding and how to...
Jun 29, 2023
TryHackMe - Blue

Vulnerability scanning using nmap, exploitation using metasploit. Examples of creating a reverse TCP shell, upgrading the shell, process migration, hash cracking, and search to find flags.