HackTheBox IClean Writeup | Exploiting XSS & SSTI
Introduction HackTheBox IClean begins with a basic cross-site scripting (XSS) attack to steal cookies, which is followed…
HackTheBox
HackTheBox BoardLight Writeup
Introduction HackTheBox BoardLight is a web-based challenge from HackTheBox. This challenge typically focuses on web vulnerabilities, and…
Using Python to Solve Computational Problems | Hackthebox Computational Recruiting Writeup
Introduction HackTheBox Computational Recruiting challenge involves a typical cryptography and pattern analysis problem. The goal is to…
Buffer Overflow Exploitation Vulnerability | HackTheBox Regularity Writeup
Introduction Hack The Box (HTB) “Regularity” challenge is a binary exploitation task involving a 64-bit statically linked…
Laravel Admin Exploit | HackTheBox Usage Writeup
HackTheBox Usage begins with a blind SQL injection in a password reset form, which can be exploited…
Exploiting Ansible Galaxy Vulnerabilities | HackTheBox Intuition Writeup
Introduction HackTheBox Intuition begins with a series of websites focused on document compression. There’s an authentication site,…
HackTheBox SolarLab Writeup
For this Hack the Box (HTB) machine, I utilized techniques such as enumeration, user pivoting, and privilege…
HackTheBox Mailing Writeup
The article explains a HackTheBox challenge involving a compromised email service. It guides readers through investigating the…
TeamCity & Portrainer Web Exploitation | HackTheBox Runner CTF Walkthrough
In this post, we demonstrated and covered the solution to HackTheBox Runner machine which involves basic enumeration,…
Laravel PHP Vulnerabilities | CVE-2018-15133 | HackTheBox Academy CTF Walkthrough
In this post, we demonstrated Laravel PHP CVE-2018-15133 and conducted privilege escalation by finding stored credentials. This…
HackTheBox Sherlocks Campfire 1 & 2 | Detecting Active Directory Kerberos Attacks
In this post, we covered the solution walkthroughs for two HackTheBox Sherlock challenges, which are, HackTheBox Campfire-1…
Exploit Minecraft Server | HackTheBox Crafty Walkthrough
In this post, we covered the solution of HackTheBox Crafty machine where we showcased the exploitation of…
Craft CMS Exploitation | HackTheBox Surveillance Walkthrough
We covered the walkthrough of HackTheBox Surveillance where we demonstrated the exploitation of the recent vulnerability CVE-2023-41892…
Forensics CTF Challenges | HackTheBox Red Miners
Description In the race for Vitalium on Mars, the villainous Board of Arodor resorted to desperate measures,…
OSINT Case Studies P2 | Blockchain & Manhunt | HackTheBox Block Hunt3r & Missing in action
We covered the second part of open source intelligence case studies as part of HackTheBox OSINT track….
Open Source Intelligence Case Studies | HackTheBox Easy Phish, Infiltration & ID Exposed.
We covered multiple OSINT case studies and challenges from HackTheBox, namely Easy Phish, Infiltration & ID Exposed,…
Node js Command Injection Explained | HackTheBox JSCalc
We covered command injection and execution in Node JS. The scenario included an input box that passes…
Domain Redirection Bypass Explained | HackTheBox RenderQuest & ProxyAsAService
We covered practical examples of bypassing domain redirection restrictions. In the first example we used a Webhook…
Exploiting Python Pickle with SQL Injection | HackTheBox C.O.P
We covered the python pickle library and explained why it’s not secure any more. Additionally we demonstrated…
Microsoft Office Word Document Malware Analysis | HackTheBox Diagnostic
We covered analyzing a sample Microsoft office word document using oletools to extract relevant Macros and links….