HackTheBox - Driver

Driver is also one of the machines listed in the HTB printer exploitation track. It starts with a …

HackTheBox - Intelligence

Intelligence brings some cool enumeration and exploitation techniques to own Active Directory. It …

HackTheBox - Return

Return is another machine listed in the HTB printer exploitation track. This machine hosts a web …

HackTheBox - Love

Basic things you can do with SSRF

HackTheBox - Heist

Learn how RID cycling could be used for enumerating AD users

Me vs Windows Permissions

Facing weird error on Windows 10? Then this post might help you

HackTheBox - Active

Finding passwords in Group Policy Preferences and roasting Kerberos

HackTheBox - Atom

Supplying a malicious update definition to Electron-updater

HackTheBox - Cereal (User)

Chaining XSS, SSRF, and deserialization vulnerabilities to get RCE

HackTheBox - Omni

Unauthenticated RCE as SYSTEM on Windows 10 IoT

HackTheBox - Blackfield

Abusing Backup Operators group to dump Active Directory database

HackTheBox - Worker

Learn how Azure Pipelines can be abused

HackTheBox - Buff

Tunneling with Chisel to deliver a buffer overflow exploit

HackTheBox - Cascade

Plundering dead Active Directory accounts

HackTheBox - APT

Enumerating network interfaces of a remote computer via MSRPC and exploit NTLMv1

HackTheBox - Nest

Nest is one of my favorite machines after Forest, I learned a lot about enumeration here, especially …

HackTheBox - Sauna

Learn basic exploitation of Active Directory

HackTheBox - ServMon

Exploiting embedded system software

HackTheBox - Remote

Enumerating public NFS and gain access to sensitive files

HackTheBox - Forest

Using BloodHound to discover abusable Active Directory groups