Evan Pardons Portfolio
This site serves as a collection of blog posts, technical notes, personal/professional project portfolio posts and write-ups centered around cybersecurity research/CTF and hands-on learning. I'm a cybersecurity professional focused on continuously improving my skills through experimentation, analysis, and real-world problem solving.
The goal of this blog is to document that process and share practical insights that may be useful to others navigating the field, whether through security research, CTF-style challenges, system hardening, or applied cryptography.
If you find any of the content helpful and would like to support the work, donations are greatly appreciated.
Recent
-
X.509 Certificates Explained: Uses, Fields, Certificate Authoritiess, and Certificate Transparency
· guides
A concise field guide to X.509 certificates: what they’re used for, how to read their fields in a browser, and where Certificate Authorities and Certificate Transparency fit.
-
NiteCTF Crypto Writeup: R Stands Alone
· ctf
NiteCTF24 "R Stands Alone" crypto writeup showing how the RSA modulus with three primes falls by factoring $r = a^3 + 16b^3$ in a cubic number field, recovering $p$ and $q$ to decrypt the flag.
-
Secure Source (Crypto, Hard 500) — Predictable RNG in ECDSA-JWT (Incomplete Writeup)
· ctf
An incomplete but structured writeup for the “Secure Source” challenge. The app signs JWTs with a custom ECDSA implementation whose nonce comes from Python’s Mersenne Twister. Note IDs leak enough RNG output to recover MT state and predict the next nonce, enabling signature forgery. Also covers where the public key should come from and how to obtain it in practice.
-
RSA: How it works, and where things can go wrong
· cryptography
Comprehensive
-
Bash Essentials: Streams, Control Operators, Arguments, Tests, and Functions
· linux
A practical reference to core Bash scripting concepts: standard streams and file descriptors, common control and redirection operators, positional arguments, test operators for files and numbers, and a simple function example.
-
Hello Linux
· linux
Verifies that Markdown → DB → Articles listing works.
-
GnuGPG - Cheatsheet
· cheatsheets
Comprehensive cheatsheet for the `GPG`, an open-source software utilizing the OpenPGP protocol CLI tool for Linux.
-
DD - Cheatsheet
· cheatsheets
Comprehensive cheatsheet for for `dd` CLI tool for Linux.
-
VigenereSolver-ng
· projects
Advanced vigenere cipher brute force solver utilizing classical techniques combined with LLM-based techniques for english plaintext scoring, as well as other math tricks for better approximations and key length/char predictions.
-
OS Enumeration
· pentesting
Basic commands for local OS enumeration
-
x86 Basics: Opcodes, Operands, and a Few Core Instructions
· ctf
A quick refresher on what opcodes look like in a disassembler, the three operand types (immediate, register, memory), and several common x86 instructions (MOV, LEA, NOP, SHL/SHR) plus the most common EFLAGS bits you’ll see referenced during reversing and exploitation.
-
Hash vegas - NiteCTF2025 writeup
· ctf
Writeup for the crypto challenge 'Hash Vegas' from NiteCTF2025