HTB — Only4You A detailed walkthrough for solving Only4You on HTB. The box contains vulnerability like File Inclusion, Weak Credentials, Cypher Injection, Command Injection and privilege escalatio...

HTB — Busqueda A detailed walkthrough for solving Busqueda on HTB. The box contains vulnerability like Python Code Injection, Hardcoded Credentials, Credential Reuse, and privilege escalation thro...

HTB — Socket A detailed walkthrough for solving Socket Box on HTB. The box contains vulnerability like SQLite Injection, Weak Hashing and privilege escalation through SUDO shell scaping. Enumer...

HTB — Stocker It is an easy machine in Hack The Box. It contains vulnerabilities like NoSQL Injection, File Inclusion on PDF conversion and Credential reuse. Enumeration NMAP Disable the ping...

HTB — Interface A detailed walkthrough for solving Interface on HTB. The box contains vulnerability CVE-2022–28368 RCE on Dompdf and privilege escalation through arithmetic expression injection on...

HTB — Investigation A detailed walkthrough for solving Ambassador Box on Hack The Box. The box contains vulnerability like Arbitrary File Read CVE-2021–43798, weak encryption and Remote Code Execu...

HTB — BroScience. A detailed walkthrough for solving BroScience Box on HTB. The box contains vulnerability like Path Traversal and PHP Deserialization from where we can have low priv access. Enume...

I was solving one of the active box in HTB where I encountered some interesting Deserialization vulnerability. Although I managed to solve the box, I was more curious about the exploitation of dese...

HTB — Mentor A detailed walkthrough for solving Mentor Box on HTB. The box contains vulnerability like information disclosure in SNMP, Command Injection, Hardcoded credentials and privilege escalat...

Subdoman Enumeration at first Subfinder Configure the necessary API Keys on ~/.config/subfinder/provider-config.yaml subfinder -d domainname.com -o subfinderoutput # Active Scanning subfi...