Scenario Challenge Link: Hunt Me II: Typo Squatters Just working on a typical day as a software engineer, Perry received an encrypted 7z archive from his boss containing a snippet of a source cod...

Interoduction Room Link: windowsprivesc20 Privilege escalation (PrivEsc) means exploiting weaknesses to move from a lower-privileged account to a higher-privileged one, often targeting administrat...

Introduction Room Link: Linux Privilege Escalation Note: This writeup includes external research and personal explanations. Linux privilege escalation refers to the unauthorized act of gaining ...

Introduction: Challenge Link: Forensics The challenge is to analyze the memory dump of a compromised system. Volatility Overview: Volatility 3 is an open-source memory forensics framework used t...

Objective Challenge Link: Pyrat There is an open HTTP server that has a python code execution vulnerability. Exploit this vulnerability to gain a shell to target machine, search for a credentials...

Objective Challenge Link: Blaster The room objective is to look for alternative modes of exploitation without the use of Metasploit or any exploitation tools in general beyond nmap and dirbuster. ...

Objective Challenge Link: Cheese CTF Hack into the machine and get the flags. Enumeration Start by enumerating the target machine There are a lot of open ports, and that could be the use of P...

Objective Challenge Link: Ice Deploy & hack into a Windows machine, exploiting a very poorly secured media server. Recon sudo nmap -sS -sV -n -F 10.10.37.29 Nmap...

Objective: Challenge Link: Mayhem Find the flag inside a PCAP file View the Conversations There are 6 TCP streams; we will view all of them and search for interesting findings. Stream 0 &...

Objective: Challenge Link: tJurassic Park Enumerate the web application, obtain credentials to the server, and find four flags hidden in the file system. Enumeration: Port Scanning sudo nmap -s...