What is SQL Injection? SQL injection is a very well known web application security vulnerability that can have serious consequences. Exploitation often leads to theft of sensitive information such as passwords, financial data, personally identifiable information, and much more. Big
Arctic is an awesome Windows machine on Hack The Box that will test your ability to perform basic enumeration and establish initial access by exploiting a directory traversal vulnerability in a web application. Once the attacker gains a foothold, they
Beep is an easy Linux machine on Hack The Box that has a few different options for exploitation. This write up will showcase an LFI (Local File Inclusion) vulnerability against Elastix. Local File Inclusion vulnerabilities allow attackers to access files
Knife is an easy Linux machine on Hack The Box that is centered around exploitation of PHP 8.1.0-dev. This version of PHP has a backdoor (which isn’t very well hidden) that allows attackers to perform remote code execution. This exploitation
Cap is an easy Linux machine on Hack The Box that will first test your ability to locate an IDOR vulnerability in a web application. Once this vulnerability is identified, you will be able to download a PCAP file and
Netmon is an Easy Windows machine on Hack The Box and it is easily one of my favorites. This machine will test your ability to find sensitive data, take advantage of a weak password policy, and identify a known vulnerability
Bashed is an easy HTB machine that is Linux based and requires you to find and exploit an exposed web shell. Simple enumeration will allow us to retrieve the user.txt flag, but you will need to use a php reverse
Nibbles is a fun and easy Linux machine that will test your ability to perform basic web enumeration and exploit a known vulnerability that exists on Nibble blog. Initial exploitation will achieve user access, but additional privilege escalation will be
Granny is an easy Windows machine box on Hack The Box that tests the user ability to find a known vulnerability and launch an exploit to establish an initial foothold. However it’s not over there! You will also need to
Grandpa is a fun Windows machine on the Hack The Box that is quite beginner friendly. This machine requires exploiting a known vulnerability to achieve initial user access and then utilizing privilege escalation to achieve system access. If you enjoy