HackTheBox Cyber Apocalypse CTF 2023 Writeups
In this post, I have covered HackTheBox Cyber Apocalypse CTF 2023 Writeups in the form of written…
HackTheBox Walkthrough
Binary File Analysis For Buffer Overflow | HackTheBox Questionnaire
Summary In this post, we covered the basic steps to take in order to analyze a binary…
HackTheBox Forest Walkthrough
Pentesting Windows Active Directory with BloodHound | HackTheBox Forest | CREST CRT Track We covered HTB Forest…
HackTheBox Bastion Walkthrough
Mounting VHD Files and Windows Privilege Escalation | HackTheBox Bastion | CREST CRT Track HackTheBox Bastion was…
HackTheBox Access Walkthrough
Windows Privilege Escalation Through Runas | HackTheBox Access | CREST CRT Track HackTheBox Access was a simple…
HackTheBox Squashed Walkthrough
HackTheBox Squashed Walkthrough | Linux Privilege Escalation Through X11 Authorization |CREST CRT Track Squashed uses a few…
From Apache Tomcat To Shell | HackTheBox Jerry
In this post, we covered HackTheBox Jerry as part of the beginner track in Hackthebox. We demonstrated…
The Eternal Blue Exploit | HackTheBox Blue | Beginner Track
In this post, we covered the eternal blue exploit as part of HackTheBox Beginner Track. Machine Name…
Analyzing a Hacked WebServer With Wireshark | HackTheBox Intro To Blue Team | Chase
Introduction One of our web servers triggered an AV alert, but none of the sysadmins say they…
Reverse Shell Over ICMP | HackTheBox Minion
In this post, we go over the concept of retrieving shell via ICMP protocol instead of TCP….
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege…
The ShellShock Vulnerability Explained | HackTheBox Shocker
Shellshock vulnerability allows for remote code execution using shell callouts to bash below 4.3. payload can be…
Windows Active Directory PAC Vulnerability | HackTheBox Mantis
In Windows active directory environment, PAC stands for privilege attribute certificate which stores information about the user…
JSON Deserialization Vulnerability – HackTheBox Time – CVE-2019-12384 Jackson RCE
Premise In this video walkthrough, we covered a vulnerability in Jackson library that uses JSON Deserialization and…
Understanding Lua Programming Vulnerabilities | HackTheBox Luanne
Premise In this video walkthrough, we demonstrated common vulnerabilities in Lua programming including code injection, and performed…
