Logging - HTB
Logging starts with a routine Active Directory assessment, where seemingly ordinary artifacts and a bit of intuition gradually reveal a chain of misconfigurations leading to full compromise.
Silentium - HTB
An easy Linux machine featuring web enumeration, password reset vulnerability, container escaping, and internal service access.
DevArea - HTB
A medium-difficulty Linux machine featuring SOAP services, middleware exploitation, and multiple privilege escalation vectors.
Kobold - HTB
An easy-difficulty Linux machine featuring multiple web vulnerabilities.
SeManageVolumePrivilege Exploit
SeManageVolumePrivilege Exploit – AD CS Certificate Theft to DA via Certipy
RustyKey - HTB
Hard Windows machine with Kerberos time abuse, AD ACL misconfigurations, 7-Zip shell extension hijack, and SPN-less RBCD for domain admin.
WingData - HTB
Easy Linux box exploiting Wing FTP Server RCE and a tarfile filter bypass (CVE-2025-4517) to write root SSH keys via a sudo restore script.
Puppy - HTB
A medium Windows Active Directory machine featuring SMB enumeration, KeePass database attack, privilege delegation abuse, and DPAPI credential theft for domain compromise.