About Me

Welcome! My name is Nguyen Tien Dung, but I go by Suiikawaii 👋

I’m a third-year student at USTH (Vietnam–France University). This blog is where I document a hands-on journey into cybersecurity through step-by-step CTF write-ups, practical notes, and deeper dives when something really clicks.

What you’ll find here 🔎✨

• Write-ups from OverTheWire, TryHackMe, Hack The Box, picoCTF, and various CTF competitions — written so future-me (and you) can reproduce them.
• Methodical walkthroughs & checklists: enumeration → exploitation → privilege escalation → remediation/notes.
• Study logs from USTH: how I build workflows, organize notes, and practice consistently.
• A living roadmap for my long-term cybersecurity goals (and experiments I want to try).

---

Focus areas & toolbox 💻🔥

I mainly focus on Web, Crypto, Forensics, and OSINT, but I keep an open mind to try other categories over time.

Web (AppSec / Web CTF)

• What I enjoy: auth/session bugs, SSRF, deserialization, IDOR, and logic flaws.
• Toolbox: Burp Suite, ffuf, feroxbuster, nmap, httpx, nuclei, sqlmap, ParamSpider, XSStrike.
• Notes style: exact requests/responses, payloads, and replication steps.

Crypto (classical → modern)

• What I enjoy: RSA pitfalls, modular arithmetic tricks, padding/oracle patterns.
• Toolbox: Python, SageMath, pycryptodome, RsaCtfTool, factordb helpers.
• Notes style: derive the math, then code snippets that reproduce the solve.

Forensics

• What I enjoy: file formats, memory/network captures, stego, and weird metadata.
• Toolbox: binwalk, strings, exiftool, steghide, Wireshark, Volatility, foremost.
• Notes style: timeline of actions + command history for clean reproduction.

OSINT

• What I enjoy: footprinting, historical copies, and small pivots that reveal context.
• Toolbox: theHarvester, SpiderFoot, Maltego CE, GHunt, Wayback Machine, Shodan.
• Notes style: cite sources, keep screenshots, and record pivots so others can follow.

I work primarily on Linux, automate with Python/Bash, and keep templates so every post includes exact commands and reasoning.

---

How I got into security 👁️👄👁️

I started with beginner wargames and realized each challenge hides a tiny story — a misconfigured service, a fragile parser, or a logic flaw waiting to be noticed. Writing everything down (including wrong turns) made me faster and helped others avoid the same rabbit holes.
Nah, just kidding — I watched a few movies when I was young (definitely not Mr. Robot or The Matrix) and thought it looked cool to be a hacker. Plus, security is a very promising industry in my country, so I chose it as my path. (I want the backstory to sound cool, but it’s actually pretty simple) :DD

How I work (mini-workflow) 📑✏️

1. Enumerate hard with checklists; capture everything in a scratchpad.
2. Hypothesize: list attack paths and choose the smallest reproducible experiment.
3. Exploit responsibly: prefer local repro; note assumptions and CVE references.
4. Escalate with intention; document artifacts, capabilities, and fixes.
5. Reflect: add “what I’d try first next time” to close the loop.

I joke about being lazy sometimes, but when a problem matters I follow the process strictly.

Learning plan 🚩✨

Short term, I’m doubling down on Web fundamentals and making my checklists tighter.
Mid term, I’m expanding Crypto/Forensics/OSINT notes and releasing small utilities that speed up lab setup.
Long term, I’ll keep entering CTFs while pursuing advanced offensive-security certifications.

---

Off-screen, I enjoy listening to music, gaming (Roblox, Minecraft, Souls-likes — pretty much all kinds of games), going to the gym, playing CTFs, and watching VTubers — especially Hoshimachi Suisei.

Hoshimachi Suisei 🩵✨

Suisei’s music is my study fuel during long labs and late-night CTFs. I love the mix of powerful vocals and crisp production — perfect for getting into flow. I’ll occasionally drop favorite tracks or live clips in posts so fellow fans can vibe along.

Quick facts

• VTuber & singer from hololive (Gen 0). Debuted independently on Mar 22, 2018, later moved from INNK Music to the main hololive branch on Dec 1, 2019.
• Albums: Still Still Stellar (2021) and Specter (2023).
• First VTuber on THE FIRST TAKE (Jan 20, 2023) with “Stellar Stellar”.
• Solo concerts: 1st Solo Live “STELLAR into the GALAXY” (Toyosu PIT, 2021) and 2nd Solo Live “Shout in Crisis” (Tokyo Garden Theater, 2023).
• Unit: Midnight Grand Orchestra (with producer TAKU INOUE) — mini albums Overture (2022) & Starpeggio (2023).
• Signature originals: NEXT COLOR PLANET (2020), GHOST (2021), Stellar Stellar (2021).
• Fandom name: Hoshiyomi (“Stargazers”).
• I’ve followed her since early days; seeing her rise to a “VTuber queen” makes me happy — I’ll keep cheering, so let her cook!!

Starter playlist (I recommend) 🎧💫

• “NEXT COLOR PLANET” — 2020 single
• “GHOST” — 2021 digital single
• “Stellar Stellar” — lead track from Still Still Stellar
• THE FIRST TAKE performance — “Stellar Stellar”

Watch: “Stellar Stellar” (THE FIRST TAKE) 🎤✨

Certifications

• CCNA
• CompTIA Security+
• CEH
• CompTIA PenTest+ (studying; exam not yet taken)
• As mentioned, I’m currently studying for Web Pentest 2025 at Cyber Jutsu and aiming to pass it as well!

---

Thanks for reading!

If you’re also into Suisei, check these out:

• YouTube: Hoshimachi Suisei Official Channel
• X (Twitter): @suisei_hosimati

I don’t publish contact info. If you spot me in a CTF room or on a scoreboard, feel free to say hi!!

Until next time — Otsumachi!! 💖☄️✨