HackTheBox - Traverxec
Code execution with path traversal
Metasploit
HackTheBox - Armageddon
Pwning Drupal 7 CMS with Drupalgeddon and abusing Snap with malicious snap package
TryHackMe - Basic Pentesting
This is a machine that allows you to practise web app hacking and privilege escalation
HackTheBox - ScriptKiddie
Exploiting exploitation tools and command injection in a log file
HackTheBox - Laboratory
LFI to RCE on GitLab 12.8.1~12.9.0
HackTheBox - Remote
Enumerating public NFS and gain access to sensitive files