This box is rated hard difficulty on THM, it involves us exploiting WordPress to grab a low level shell on the system, port forwarding an internal Jenkins application, and leveraging RCE to leak ro...

This box is ranked medium-difficulty on THM, it involves us escalating privileges on a web application, SSRF on an internal API to read admin credentials, and leveraging an LFI vulnerability to rea...

This box is ranked medium difficulty on THM, it consists of enumerating hidden endpoints on a web server, exploiting code to bypass authentication, and a cool way to escalate privileges to root. R...

This box is ranked as medium-difficulty and requires us to use our exploitation skills to bypass authentication mechanisms on a website and get Remote Code Execution. It’s also a kind of capstone t...

This box is ranked easy-difficulty and involves enumeration, bypassing a login form, uploading a reverse shell, and escalating privileges to grab both flags. Try to exploit our image gallery syste...

This box is ranked hard-difficulty on TryHackMe, it involves us using SQLi to compromise a Joomla CMS account, cracking hashes, and a unique privilege escalation method via yum. Compromise a Jooml...

This is a medium-ranked difficulty box, it involves us dodging plenty of rabbit holes, exploiting command injection on an obscure endpoint, and escalating privileges to gain root access to the syst...

This Men In Black-esque CTF is catered towards beginners and puts a good range of skills to the test. Overall, it was a fun challenge. Discovery After spinning up a Kali image and connecting via O...

Box link– https://tryhackme.com/room/yearofthepig This box is ranked hard difficulty on THM, it involves us brute forcing the login page with a custom wordlist, enumerating a sqlite database for u...

Box link– https://tryhackme.com/room/yearoftheowl This box is ranked hard difficulty on THM, it involves heaps of enumeration on both TCP/UDP, exploiting WINRM to get a foothold on the system, and...