Overview Machine Cozyhosting Rank Easy Time 3h14m Focus Dir-busting, cookies 1. Enumeration # port...

Overview Machine Keeper Rank Easy Time 3h19m Focus Default credentials, CVEs Information Gathering ...

TryHackMe vs. HackTheBox For the past few months, I was intensively studying and practicing almost exclusively through the Try Hack Me (THM) platform. Within 3 months I completed, almost, 7 out of...

Introduction Live host discovery is crucial as going directly into port scanning can waste time and create unnecessary noise if trying to scan offline systems. Commands related with Live Host Di...

Overview Nibbles was the first easy HTB target that I pwned, and probably the majority of HTB users as well, as it was used as an example at the Penetration Test job path. Nibbles is a fairly ...

Overview Machine Broker Rank Easy Focus Default creds, ActiveMQ, nginx configuration Initial Enumeration What we know: ...

1 Summary 2 Background Information The Agent Sudo room is rated as an Easy room, and it is, as it involves nothing too complex. However, if you know nothing about steganography or hasn’t used a...

1 Summary 2 Background Information The RootMe room is fairly straigthfoward, great for beginners, as it provides “hints” on what to search for on each task. As a result, not really any specific...

1 Summary 2 Background Information The Marketplace room felt like a “real-world” penetration testing scenario, as it has almost no guidance at all: The sysadmin of The Marketplace, Michael,...

This content is from THM’s Data Exfiltration room, part of the Red Teaming learning path. 1. What is Data Exfiltration? Data Exfiltration (DE) is a technique used to transfer data from the ta...