Logging - HTB
Logging starts with a routine Active Directory assessment, where seemingly ordinary artifacts and a bit of intuition gradually reveal a chain of misconfigurations leading to full compromise.
Silentium - HTB
An easy Linux machine featuring web enumeration, password reset vulnerability, container escaping, and internal service access.
DevArea - HTB
A medium-difficulty Linux machine featuring SOAP services, middleware exploitation, and multiple privilege escalation vectors.
Kobold - HTB
An easy-difficulty Linux machine featuring multiple web vulnerabilities.
Giveback - HTB
Medium Linux box chaining GiveWP deserialization RCE with container pivoting, PHP-CGI injection, Kubernetes secret theft, and runc debug abuse for root.
MonitorsFour - HTB
Easy Windows host running Cacti in Docker. Exploit Cacti auth RCE, then escape Docker Desktop via its exposed API to reach the host.
Fries - HTB
Hard Windows AD + container lab. Abuse pgAdmin for container RCE, pivot to internal services, capture LDAP creds, extract gMSA secrets, then ADCS ESC7 to Administrator.
Web Shell via Polyglot ZIP + PDF Upload Bypass
Bypassing file upload filters using ZIP/PDF polyglots or directory tricks.