How to Live After 1 AM

Sane — Thu, 16 Apr 2026 08:05:50 +0000

We Become What We Are At 1AM.

At that sleepy hour, our mind and heart start pressuring us - "What have I done till now? Why me? Why not me? What if?"

We start *REAL * thinking at night. Everyone is sleeping. A phone in hand, scrolling through reels and shorts, earphones in ears - and still, somehow, we hear our own inner voice.

We regret. We regret wasting time. We regret watching a reel where someone our age, or younger, is earning more or living happier.

But the truth is - it's not regret. It's feeling. We feel a lot.

The Unfinished Things

I never finish anything - not a course, not a book, not a project. I'm impatient. I have a thousand interests to start but never enough courage to finish.

Everyone starts a race at the same point and the same time. But only the ones who finish are winners.

I couldn't finish anything. And every night, I felt it.

I watched movies thinking they'd inspire me. Nothing happened. I couldn't complete books. Not even articles.

So the question became - how do you live with that?

Then HOW TO LIVE:-

Simple Steps. But Hard to Follow..

After dinner, open any notebook and write down - "What is my plan for the next 2 hours?"
Be honest. If you want to watch reels, write it. If you want to watch a movie, write that too. Whatever you want to do - write it down.
You already know yourself. Based on what you did yesterday and the day before, you know what you'll do next.
After writing, take a photo of that page and save it.
Now the hard part - finish what you wrote, but in half the time.
If you wrote "2 hours of reels," set an alarm for 1 hour. Scroll and finish. If it's a movie, pause or skip - complete it within 1 hour.
You just saved an hour. Now what?
You've completed your free time. Now move. Open something you've been ignoring.
Don't study it. Don't force it. Just look at it for 10 minutes. The magic you're looking for - it lives in the things you've been ignoring.
After 10 minutes, move on. Or if you want more time-pass, follow the same steps again. Write it. Half the time.

WHAT I DID :-

One night I did exactly this.

At 10 PM after dinner, I wrote - "By 12 AM I want to finish an anime episode and scroll reels."

By 11 PM, I was already done with both. And I was bored.I kept on looking timer…

So I opened a tool I had been ignoring for weeks - a security research project. I started exploring. Found a few ideas. Tried them. Tried again.

After 7 days, I made money.

And when it happened - I felt nothing dramatic. No fireworks.

Because I had stopped thinking "I wasted so much time." I started thinking - "I used the time I had."

That one shift changed everything.

One Last Thing

Heartbreaks, ignorance, the people who dismissed you - those feelings don't go away. But they're not here to break you. They're here to move you.

Cheap thinking comes from cheap people. Your value was never theirs to decide. You decide how valuable you are.

If you read this till the end - try it tonight. If you didn't - I hope you're busy living your life.

All the best.

VULNERABILITY RESEARCH

Sane — Sat, 19 Oct 2024 05:47:06 +0000

Vulnerabilities 101

Vulnerability *:A vulnerability is defined as a weakness or flow in the design or behaviors of a system or application.
**Exploit *: It’s an action that utilizes a vulnerability on a system or application.
**Proof of Concept (PoC) : A technique or tool that can show exploitation of a vulnerability. Like proof of attack.
Foothold is referred as an access to the vulnerable machine’s console.

Vulnerability is Hero

So, an attacker can use these vulnerabilities and gain unauthorized access to systems or applications then he can do whatever he wants.
There are mainly 5 categories of vulnerabilities.

*Operating System *: These types of vulnerabilities are found within the Operating Systems results in Privilege Escalation.
(Mis)Configuration-Based : so, vulnerabilities can be occurred from incorrect or wrong configured application or service. Like a shopping website allowing attacker to change price of products.
Weak or Default Credentials : As we know few people use weak passwords like ‘123456789’, ‘password!’, ‘admin:admin’ .
Application Logic : These vulnerabilities are occurring due to poorly designed applications. Like a user can access other users orders or profile by changing id number.
*Human-Factor *: so, different attacker have different techniques few use emails sends as company name and access users data, few uses or share links via sms to get otps lot more…

Scoring Vulnerabilities (CVSS & VPR)

We need to know how much impact of vulnerability cause to company or application.
So, we need to measure it vulnerability by giving it rating or impact.
This rating can be used to pay bug bounty hunter.
For Example, Low priced T-Shirt might have poor design or quality but Medium Rated have slightly better or High rated or prices T-Shirt can be branded and best.
So, based on price or rating we get a impact of it.

Common Vulnerability Scoring System (CVSS)

CVSS is a popular framework for scoring vulnerabilities.
Rating and Scores
None : 0
Low : 0.1–3.9
Medium : 4.0–6.9
High :7.0–8.9
Critical : 9.0 -10.0

Vulnerability Priority Rating (VPR)

VPR is modern framework to score vulnerabilities.
Its risk driven rating it won’t consider impact of vulnerabilities like CVSS.
Rating and Scores
Low : 0.0–3.9
Medium : 4.0 -6.9
High : 7.0–8.9
Critical : 9.0–10.0

Vulnerability Databases

The database which contains information about Vulnerabilities.
Vulnerabilities are classified under “ Common Vulnerability and Exposures” (CVE).
This CVEs have a format like CVE-YEAR-IDNUMBER like in 2017 a vulnerability found we declare it as CVE-2017–0144.

*National Vulnerability Database
*

It’s a website that lists all publicly available CVEs.

Exploit-DB

It’s best resource we get all information as well as PoCs about vulnerabilities.

Exploit Vulnerabilities

*Automated Vulnerability Scanner
*

Nessus Scanner we use to find vulnerabilities.
Broken Access Control : attacker can access other parts of applications.
Insecure Deserialization : malicious code or data that can be passed on application.
Injection : input malicious data into application.

*Manual Exploits
*

**Rapid7 **resource we use to search and filter out type of vulnerability. It contains instructions for exploiting using Metasploit.
**GitHub **also best resource to look for exploits.
**Searchsploit **is a tool can be used to search exploits with instructions. It has default in Kali and no need internet for it.

*NOTES :
*
1 . Not all exploits shown in first search works.

Always need to look for more even first one works cause the more we dig we get more information of it.
Finding attacking website information such as version number or more can be hard to find but we need to try out like checking on source code and java script files.
Best to check backend of site with help of few tools like wappalyzer like those can help.

training from tryhackme.

DEV Community: Sane