Writeups

A Windows machine from Vulnlab/Hack The Box that teaches you how to exploit a common CI/CD application and achieve privilege escalation using Oplocks.

An easy Linux machine on Hack the Box that features a Joomla CMS service for initial foothold and a vulnerable crash report service for privilege escalation

Learn about how can Linux-joined Active Directory Environments be exploited.

A Linux box to learn about creative command injection and password managers

A Windows Active Directory box that combines the old and new to craft an interest attack vector.

Learn about how to enumerate ports through squid and poking around in a web app for privilege Escalation

An intermediate Linux box that eaches you how to exploit an authentication bypass and finding credentials in config files.

Heist is a hard Windows Active Directory box on Offsec PG and is a good box to prepare for the AD portion of the exam.

A Hard Linux Box by Offsec PG that revolves around exploiting Redis server.

A Hard Linux Box by Offsec PG Practice that involves exploiting a Cassandra Web installation for arbitrary file read.

A Vulnlab Windows Active Directory Box where you can learn about LDAP-Enumeration & Windows Privileges

Exploit a recent vulnerability and hack Webmin, a web-based system configuration tool.

A new start-up has a few issues with their web server.

A box involving encrypted archives, source code analysis and more.