VariaType - HTB
A medium-difficulty Linux machine centered around a custom font-generation web application. The challenge involves exploring file handling behavior, analyzing backend processing logic, and chaining multiple issues in the font processing pipeline to move from initial access to full system compromise.
CCTV - HTB
Easy Linux CCTV machine abusing ZoneMinder and MotionEye flaws through SQL injection and escalation. [Unintended]
Pirate - HTB
Windows Active Directory challenge centered on delegation, Kerberos, and privilege escalation workflows.
Valid User (No Password)
Valid User (No Password) techniques and commands for Active Directory security assessment.
BigBang - HTB
Hard Linux box chaining WordPress LFI, DB creds, Grafana hash cracking, and an Android API command injection for root.
Domain Admin
Domain Admin techniques and commands for Active Directory security assessment.
Imagery - HTB
Medium Linux box using blind XSS for admin session theft, LFI to source read, ImageMagick command injection for RCE, pyAesCrypt backup decryption, and Charcol cron abuse for root.
Man In The Middle (Listen and Relay)
Man In The Middle (Listen and Relay) techniques and commands for Active Directory security assessment.