In this post, we’ll provide a step-by-step guide on how to compromise the Photobomb machine, from start to finish. We’ll cover everything from initial reconnaissance to post-exploitation, and we’ll...

In this challenge, we will dive into the Nunchunks machine from HackTheBox. This machine is a great example of a modern web application, utilizing technologies such as Nginx, NodeJS, and Express. T...

International Password Day is the perfect time to remind ourselves of the importance of strong, unique passwords and good password hygiene. Just like we change our toothbrushes every few months to ...

Access is a popular machine on Hack The Box (HTB), a platform for security professionals and enthusiasts to practice and improve their penetration testing skills. This machine is designed to simula...

It has been a while ago that I bought several courses from The Cyber Mentor (TCM). One of them is Windows Privilege Escalation for Beginners and is part of the Practical Network Penetration Tester ...

The “Sunday” machine is a Solaris system that presents an interesting challenge for pentesters. A initial port scan reveals several open ports, including 79 (finger), 111 (rpcbind), 22022 (SSH). I ...

Another vulnerable machine was mentioned in the blog for preperation for OSWA. This machine is names Inclusiveness and can be downloaded from Vulnhub. Inclusiveness is an intermediate boot to root ...

A while back I came across a blog about preparing for the OSWA exam. This blog mentioned a number of vulnerable machines, including Funbox7 - EasyEnum. A vulnerable machine shared on Vulnhub. Altho...

Let’s dive into the Quick5 vulnerable machine hosted on HackMyVM. This machine offers valuable lessons in ethical hacking and penetration testing, with a focus on client side attacks such as exploi...

In the past I did Bastard as preperation for OSCP since it was listed on the famous TJnull list. A few days ago I was looking in my writeups and I found out that I did not have a writeup on this ma...