HackTheBox Planning - Complete Walkthrough Overview Planning is an Easy Linux machine that demonstrates web application exploitation, container escape techniques, and privilege escalation through...

HackTheBox Delegate - Complete Walkthrough Overview Delegate is a Medium Windows machine that demonstrates Active Directory attack techniques including GenericWrite abuse and Unconstrained deleg...

HackTheBox Environment - Complete Walkthrough Overview Environment is a Medium Linux machine that demonstrates several interesting attack vectors including Laravel environment manipulation, file ...

Summary TheFrizz was a medium difficulty Windows machine from HackTheBox. Initial reconnaissance revealed an Apache web server hosting Gibbon LMS, which was vulnerable to an unauthenticated RCE. Th...

HackTheBox - Nocturnal Nocturnal is a retired HackTheBox machine that focuses on web application vulnerabilities, command injection, and privilege escalation. We started of by enumerating the open...

Summary Dog is a retired easy HackTheBox machine that involves exploiting a vulnerable version of Backdrop CMS to gain initial access by reading an exposed .git folder, enumerating valid username a...

Summary Titanic is a retired Easy Hack The Box machine that involves exploiting a Flask web application with directory traversal vulnerabilities to extract sensitive information from a Gitea datab...

Summary Infiltrator is an Insane rated Windows machine on Hack The Box, which focuses on Active Directory enumeration, privilege escalation through Active Directory Certificate Services (ADCS), an...

Summary Backfire is a Medium difficulty HackTheBox machine that involves exploiting a vulnerability in the Havoc C2 framework to gain remote code execution (RCE) through a Server-Side Request Forg...

Summary Checker is a hard machine from HackTheBox, which focuses heavily on public CVEs exploit. We started off with an nmap scan to identify the open ports and services running on the target mac...