ls ./writeups

Walkthroughs from Hack The Box, TryHackMe, VulnLab, PwnedLabs, CyberDefenders, and other security challenges.

./writeups/defense/2025-10-16-cydef_revil

Revil Walkthrough - CyberDefenders Labs

Writeup notes, enumeration, exploitation path, and lessons learned.

16/10/2025Defense Labs

#Cyber-Defenders#Splunk

./writeups/cloud/2025-10-13-htb_cloudy

Cloudy Walkthrough - HTB

Walkthrough of HTB's Cloudy machine

13/10/2025Cloud Labs

#HTB#Linux-Server#Exploit#Credential-Harvesting

./writeups/defense/2025-10-07-cydef_xxe_infil

XXE Infiltration - CyberDefenders Labs

Writeup notes, enumeration, exploitation path, and lessons learned.

10/10/2025Defense Labs

#Cyber-Defenders#Network Analysis

./writeups/attack/2025-10-05-htb_active

Active Walkthrough — HTB

Walkthrough for HTB 'Active' machine — Recon, Enumeration, Exploitation and Privilege Escalation.

5/10/2025Attack Labs

#HTB#Kerberoasting#CVE-2014-1812#Standalone-DC

./writeups/attack/2024-11-24-htb_administrator

Administrator Walkthrough: Exploiting Active Directory Misconfigurations - HTB

Walkthrough of HTB's Administrator machine

24/11/2024Attack Labs

#HTB#On-Prem#Standalone-DC#Kerberoasting

./writeups/attack/2024-11-13-htb_sauna

Sauna Walkthrough: From AS-REP Roasting to Domain Admin with DCSync Abuse - HTB

Walkthrough of HTB's Sauna machine

14/11/2024Attack Labs

#HTB#On-Prem#Standalone-DC#Kerberoasting

./writeups/attack/2024-10-11-htb_forest

Forest Walkthrough: Exploiting AS-REP Roasting and Misconfigured AD Permissions to Compromise the Domain Controller.

Walkthrough of HTB's Forest machine

10/11/2024Attack Labs

#HTB#ldap#on-prem#privesc

./writeups/attack/2024-12-06-htb_return

Return Walkthrough: Exploiting Printer Misconfigurations

Writeup notes, enumeration, exploitation path, and lessons learned.

8/11/2024Attack Labs

#HTB#ldap#on-prem#privesc

./writeups/attack/2024-11-03-htb_netmon

Netmon Walkthrough: Exploiting PRTG's CVE-2018-9276

Walkthrough of HTB's Netmon machine

3/11/2024Attack Labs

#HTB#ftp#standalone

./writeups/attack/2024-10-30-htb_cicada

Cicada Walkthrough: Exploiting Shared Access from Guest User Privileges

Walkthrough of HTB's Cicada machine

30/10/2024Attack Labs

#HTB#smb#credential_compromise#ldap

./writeups/attack/2024-10-28-htb_jerry

Jerry Walkthrough: Brute-Forcing Default Service Credentials

Walkthrough of HTB's Jerry machine

28/10/2024Attack Labs

#HTB#standalone#brute-force

./writeups/attack/2024-10-17-htb_legacy

Legacy Walkthrough: Exploiting vulnerable Server Service

Walkthrough of HTB's Legacy machine

18/10/2024Attack Labs

#HTB#Standalone-Windows-Machine#Exploit#CVE-2008-4250

./writeups/attack/2024-10-07-htb_blue

Blue Walkthrough:Exploiting CVE-2017-0144

Walkthrough of HTB's Blue machine without using Metasploit

8/10/2024Attack Labs

#HTB#CVE-2017-0144#Standolone-Windows-Machine#Exploit

./writeups/attack/2024-10-02-vl_baby

Baby Walkthrough: Enumerating SMB and LDAP on Windows Server 2022

Walkthrough of Vulab's Machine Baby

2/10/2024Attack Labs

#VulnLab#On-Prem#Anonymous-Login#Standalone-DC

./writeups/attack/2024-10-13-vl_escape

Escape Walkthrough: Exploiting Whitelisting and Privilege Escalation

Walkthrough of Vulab's Machine Escape

2/10/2024Attack Labs

#vulnlab#application_whitelisting#on-prem

./writeups/cloud/2024-09-27-pl_blobv

MegaBigTech: Initial Access to Azure account via exposed Blob containers - PwnedLabs

Walkthrough of Pwnlab's Azure Initial access machine

27/9/2024Cloud Labs

#PwnedLabs#Azure-Cloud#BlobVersioning#Misconfiguration