Posts on Sai Sathvik

Security Interview Prep

Sat, 24 Jan 2026 00:00:00 +0000

Cryptography

Symmetric Encryption

Symmetric encryption uses one key for both encryption and decryption. The sender and receiver must both have access to this shared secret key.

Key Features:

One key: The same key is used to encrypt and decrypt data.
Fast and efficient: Because the algorithm is less complex, symmetric encryption is faster and more efficient, making it suitable for encrypting large amounts of data.
Key management: A major challenge is securely sharing the key between parties. If the key is intercepted or leaked, the encrypted data can be compromised.

Algorithms:

My Internship Experience at A10 Networks

Mon, 18 Aug 2025 00:00:00 +0000

After a long internship search, I got my first internship offer from A10 Networks as a Threat Research Intern.

Project - Hacking Hackers

My goal is to build a Mirai Botnet tracker that tracks the victims in the early phases of the attack. As this is research work, the goals are not fixed. And why Mirai? Coz it’s very common. First, I started with analyzing the Mirai malware from Malware Bazaar by doing static and dynamic analysis. After so many trials, I figured out a unique technique(might get a patent for this 🥳) and built a tracker, as well as some other side quests that got good feedback.

Cool things I did at DefCon 33

Tue, 12 Aug 2025 00:00:00 +0000

I went to DefCon once again, and I loved it this time too. Unlike last time, I attended some talks as well. This gave me motivation to work on cool projects.

CTFs

I participated in CTFs at Bug Bounty, Maritime Hacking, Red ICS, Recon, and Adversary Villages. I didn’t completely lock in but solved a few challenges. One of the main roadblocks I experienced was bad WiFi—it was very slow, and since these challenges require some research and GPTing, I had to rely on my hotspot, which wasn’t great either.
I really liked the Red ICS CTF and solved 6 challenges.
Scammed a scammer at the Scambait Village, wasted his time, and won a t-shirt 🥳🥳

CVE-2024-47062 PoC

Tue, 12 Nov 2024 00:00:00 +0000

GitHub link: https://github.com/saisathvik1/CVE-2024-47062

This PoC demonstrates how an SQL Injection vulnerability in Navidrome (CVE-2024-47062) can be exploited to gain admin access. It explains how SQL Injection can reveal sensitive data, how to use a JWT token to obtain admin privileges, and how to decrypt passwords with a hardcoded key stored in Navidrome. This project was created for our Hacking and Offensive Security class (18-739D) at CMU.

Team: Michael Crotty, Annie Liu, Tilden Jackson, Sai Sathvik

Binary Exploitation: Understanding What Happens When an Executable Runs

Sun, 25 Aug 2024 00:00:00 +0000

When you write a C program, such as:

#include <stdio.h>

int fun() {
 int a = 10;
 return a * 10;
}

int main() {
 int b = fun();
 b = b + fun();
 printf("%d", b);
}

The code outputs 200. But what exactly happens from writing this code to seeing the output? Let’s break down the process of compiling and running this program.

What is Compiling?

Compiling converts human-readable C code into machine code that the computer can execute. Here’s how you can compile your code:

OSCP Cheatsheet

Wed, 21 Aug 2024 00:00:00 +0000

Prepared as part of my OSCP Preparation.

Successfully passed the OSCP exam on May 20, 2024. Verify my achievement here.
Feel free to open a pull request if you have any corrections, improvements, or new additions!
You can access my cheatsheet from here: https://s4thv1k.com/posts/oscp-cheatsheet/ as well!
Helped over 20 individuals in passing their exam:) Please let me know if this helped you too ❤️