This write-up for the Active Directory challenge from LeHack CTF 2024. This challenge plunged into the depths of AD exploitation, testing our skills in navigating network environments, enumerating ...

This lab was part of 2024’s BarbHack hacking conference’s CTF and was created by mpgn who is known for his contributaions to NetExec. from oficial repo: Originally featured in the Barbhack 202...

Recon nmap scan: Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-01 19:28 EDT Nmap scan report for nocturnal.htb (10.10.11.64) Host is up (0.19s latency). Not shown: 998 closed tcp ports (reset...

This a pretty straightforward machine that focuses on how to bypass pyjail as well as the ability to read a bash script. recon # Nmap 7.95 scan initiated Sun Mar 30 13:24:58 2025 as: /usr/lib/nmap...

Recon Nmap output # Nmap 7.94SVN scan initiated Sat Nov 23 04:38:55 2024 as: /usr/lib/nmap/nmap --privileged -sC -sV -T4 -p- -oN nmap.scan -vv --min-rate=10000 10.10.181.109 Increasing send delay f...

This machine necessitates a basic understanding of active directory and how to take use of both DCSync and GenericWrite misconfigurations. The author provides creds for initial access As is comm...

Another Mr. Robot themed box. Rustscan indicated that just two ports were open, so I used nmap to check both of them. # Nmap 7.94SVN scan initiated Thur Oct 31 09:17:50 2024 as: /usr/lib/nmap/nm...

I demonstrate how I pwned Cicada on HackTheBox. This box mostly emphasizes two important skills: Enumrating Active Directory’s RIDs for potential list of valid usernames Abusing the backup op...

Walking through how I set up the Game Of Active Directory lab using VMware Pro on a Windows host. GOAD is a lab enviroment built for pentesters with alot of misconfigurations to practice different...

A medium box considiring the number of steps, however it was worthwhile and I learned alot Enumeration # Nmap 7.94SVN scan initiated Mon Aug 26 17:42:14 2024 as: nmap -Pn -p- --min-rate 2000 -sC ...