TryHackMe - Easy Peasy
Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.
Posts by Category
easy
TryHackMe - Brooklyn Nine Nine
This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box.
TryHackMe - Agent T
Something seems a little off with the server. Agent T uncovered this website, which looks innocent enough, but something seems off about how the server responds…
TryHackMe - Soupedecode 01
Soupedecode is an intense and engaging challenge in which players must compromise a domain controller by exploiting Kerberos authentication, navigating through SMB shares, performing password spraying, and utilizing Pass-the-Hash techniques. Prepare to test your skills and strategies in this multifaceted cyber security adventure.
TryHackMe - Light
I am working on a database application called Light! Would you like to try it out? If so, the application is running on port 1337. You can connect to it using nc MACHINE_IP 1337. You can use the username smokey in order to get started.
TryHackMe - Publisher
The Publisher CTF machine is a simulated environment hosting some services. Through a series of enumeration techniques, including directory fuzzing and version identification, a vulnerability is discovered, allowing for Remote Code Execution (RCE). Attempts to escalate privileges using a custom binary are hindered by restricted access to critical system files and directories, necessitating a deeper exploration into the system’s security profile to ultimately exploit a loophole that enables the execution of an unconfined bash shell and achieve privilege escalation.
TryHackMe - Basic Pentesting
This machine contains multiple remote vulnerabilities and multiple privilege escalation vectors. Your goal is to remotely attack the VM and gain root privileges. Once you’ve finished, try to find other vectors you might have missed! This is a machine that allows you to practise web app hacking and privilege escalation.
VulnHub - ICA: 1
According to information from our intelligence network, ICA is working on a secret project. We need to find out what the project is. Once you have the access information, send them to us. We will place a backdoor to access the system later. You just focus on what the project is. You will probably have to go through several layers of security. The Agency has full confidence that you will successfully complete this mission. Good Luck, Agent!
VulnHub - MyExpense: 1
MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. Unlike a more traditional “challenge” application (which allows you to train on a single specific vulnerability), MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario.
linux
TryHackMe - Easy Peasy
Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.
TryHackMe - Brooklyn Nine Nine
This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box.
TryHackMe - Agent T
Something seems a little off with the server. Agent T uncovered this website, which looks innocent enough, but something seems off about how the server responds…
TryHackMe - Light
I am working on a database application called Light! Would you like to try it out? If so, the application is running on port 1337. You can connect to it using nc MACHINE_IP 1337. You can use the username smokey in order to get started.
TryHackMe - Publisher
The Publisher CTF machine is a simulated environment hosting some services. Through a series of enumeration techniques, including directory fuzzing and version identification, a vulnerability is discovered, allowing for Remote Code Execution (RCE). Attempts to escalate privileges using a custom binary are hindered by restricted access to critical system files and directories, necessitating a deeper exploration into the system’s security profile to ultimately exploit a loophole that enables the execution of an unconfined bash shell and achieve privilege escalation.
TryHackMe - Basic Pentesting
This machine contains multiple remote vulnerabilities and multiple privilege escalation vectors. Your goal is to remotely attack the VM and gain root privileges. Once you’ve finished, try to find other vectors you might have missed! This is a machine that allows you to practise web app hacking and privilege escalation.
VulnHub - ICA: 1
According to information from our intelligence network, ICA is working on a secret project. We need to find out what the project is. Once you have the access information, send them to us. We will place a backdoor to access the system later. You just focus on what the project is. You will probably have to go through several layers of security. The Agency has full confidence that you will successfully complete this mission. Good Luck, Agent!
VulnHub - infovore: 1
This is an easy to intermediate box that shows you how you can exploit innocent looking php functions and lazy sys admins. There are 4 flags in total to be found, and you will have to think outside the box and try alternative ways to achieve your goal of capturing all flags. VM has been tested on VirtualBox 6.1.10 and VMWare (Fusion)
tryhackme
TryHackMe - Easy Peasy
Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.
TryHackMe - Brooklyn Nine Nine
This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box.
TryHackMe - Agent T
Something seems a little off with the server. Agent T uncovered this website, which looks innocent enough, but something seems off about how the server responds…
TryHackMe - Soupedecode 01
Soupedecode is an intense and engaging challenge in which players must compromise a domain controller by exploiting Kerberos authentication, navigating through SMB shares, performing password spraying, and utilizing Pass-the-Hash techniques. Prepare to test your skills and strategies in this multifaceted cyber security adventure.
TryHackMe - Light
I am working on a database application called Light! Would you like to try it out? If so, the application is running on port 1337. You can connect to it using nc MACHINE_IP 1337. You can use the username smokey in order to get started.
TryHackMe - Publisher
The Publisher CTF machine is a simulated environment hosting some services. Through a series of enumeration techniques, including directory fuzzing and version identification, a vulnerability is discovered, allowing for Remote Code Execution (RCE). Attempts to escalate privileges using a custom binary are hindered by restricted access to critical system files and directories, necessitating a deeper exploration into the system’s security profile to ultimately exploit a loophole that enables the execution of an unconfined bash shell and achieve privilege escalation.
TryHackMe - Basic Pentesting
This machine contains multiple remote vulnerabilities and multiple privilege escalation vectors. Your goal is to remotely attack the VM and gain root privileges. Once you’ve finished, try to find other vectors you might have missed! This is a machine that allows you to practise web app hacking and privilege escalation.
vulnhub
VulnHub - ICA: 1
According to information from our intelligence network, ICA is working on a secret project. We need to find out what the project is. Once you have the access information, send them to us. We will place a backdoor to access the system later. You just focus on what the project is. You will probably have to go through several layers of security. The Agency has full confidence that you will successfully complete this mission. Good Luck, Agent!
VulnHub - infovore: 1
This is an easy to intermediate box that shows you how you can exploit innocent looking php functions and lazy sys admins. There are 4 flags in total to be found, and you will have to think outside the box and try alternative ways to achieve your goal of capturing all flags. VM has been tested on VirtualBox 6.1.10 and VMWare (Fusion)
VulnHub - MyExpense: 1
MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. Unlike a more traditional “challenge” application (which allows you to train on a single specific vulnerability), MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario.
linux
VulnHub - MyExpense: 1
MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. Unlike a more traditional “challenge” application (which allows you to train on a single specific vulnerability), MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario.
medium
VulnHub - infovore: 1
This is an easy to intermediate box that shows you how you can exploit innocent looking php functions and lazy sys admins. There are 4 flags in total to be found, and you will have to think outside the box and try alternative ways to achieve your goal of capturing all flags. VM has been tested on VirtualBox 6.1.10 and VMWare (Fusion)
windows
TryHackMe - Soupedecode 01
Soupedecode is an intense and engaging challenge in which players must compromise a domain controller by exploiting Kerberos authentication, navigating through SMB shares, performing password spraying, and utilizing Pass-the-Hash techniques. Prepare to test your skills and strategies in this multifaceted cyber security adventure.
active-directory
TryHackMe - Soupedecode 01
Soupedecode is an intense and engaging challenge in which players must compromise a domain controller by exploiting Kerberos authentication, navigating through SMB shares, performing password spraying, and utilizing Pass-the-Hash techniques. Prepare to test your skills and strategies in this multifaceted cyber security adventure.