Recent Posts

HackTheBox: UpDown

9 minute read

This box is rated medium difficulty on HTB. It involves us getting access to a developer subdomain via an exposed Git repository on the main site. Then, we g...

HackTheBox: Sau

4 minute read

This box is ranked easy difficulty on HTB. It involves us exploiting an SSRF vulnerability to forward a web server running internally on port 80. Then, we us...

TryHackMe: Tempus Fugit Durius

13 minute read

This box is rated hard difficulty on THM and directly translates to “Time flies harder”. 

TryHackMe: Road

5 minute read

This box is rated medium difficulty on THM. It involves us updating an admin account’s password using a built-in function on the webpage which allows us to u...

TryHackMe: HackPark

4 minute read

This box is rated medium difficulty on THM. It involves us brute forcing an admin login page with hydra, exploiting a known vulnerability within a blog engin...

TryHackMe: Hack Smarter Security

7 minute read

This box is rated medium difficulty on THM and has a cool theme revolving around hacking an APT hacking group to find out who they’re targeting next.

TryHackMe: 0day

3 minute read

This box is rated medium difficulty on THM. It involves us using the Shellshock vulnerability to get RCE on the system which grants us a shell, and abusing a...

HackTheBox: Escape

9 minute read

This box is rated medium difficulty on HTB. It involves us finding msSQL credentials inside of a PDF on an SMB share, which allows us to logon as a service a...

TryHackMe: Set

13 minute read

This box is rated hard difficulty on THM and is the third installment in the Windcorp series. It involves us finding an exposed XML file containing employee ...

HackTheBox: Busqueda

4 minute read

This box is rated easy difficulty on HTB. I’m starting to go down the list on TJNull’s OSCP-like boxes list for good practice and get a head start on what I ...