Offensive Security Writeups (NO LONGER MAINTAINED)
Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.
Below you will find my personal writeups of the various boxes that can be found on hackthebox.eu, ranked by difficulty.
Hack The Box - Easy Boxes
- ✅ - Lame
- ✅ - Legacy
- ✅ - Devel
- ✅ - Beep
- ✅ - Optimum
- ✅ - Arctic
- ✅ - Grandpa
- ✅ - Granny
- ✅ - Bank
- ✅ - Blocky
- ✅ - Blue
- ✅ - Mirai
- ✅ - Shocker
- ✅ - Sense
- ✅ - Bashed
- ✅ - Nibbles
- ✅ - Valentine
- ✅ - Sunday
- ✅ - Bounty
- ✅ - Jerry
- ✅ - Active
- ✅ - Access
- ✅ - Frolic
- ✅ - Curling
- ✅ - Irked
- ✅ - Teacher
- ✅ - Help
- ✅ - FriendZone
- ✅ - Netmon
- ✅ - CasaDePapel
- ✅ - Bastion
- ✅ - SwagShop
- ✅ - Writeup
- ✅ - Haystack
- ✅ - Safe
- ✅ - Heist
- ✅ - Networked
- ✅ - Forest
- ✅ - Postman
- ✅ - Traverxec
- ✅ - OpenAdmin
- ✅ - Nest
- ✅ - Traceback
- ✅ - Remote
- ✅ - Servmon
- ✅ - Admirer
- ✅ - Blunder
- ✅ - Tabby
- ✅ - Buff
- ✅ - Omni
- ✅ - Doctor
- ✅ - Academy
- ✅ - Laboratory
- ✅ - Luanne
- ✅ - Delivery
- ✅ - Toolbox
- ✅ - Sauna
- ✅ - ScriptKiddie
- ✅ - Armageddon
- ✅ - Spectra
- ✅ - Love
- ✅ - Cap
- ✅ - Knife
- ✅ - Previse
- ✅ - Paper
- ✅ - BountyHunter
- ✅ - Explore
- ✅ - Horizontall
- ✅ - Backdoor
- ✅ - Driver
Hack The Box - Medium Boxes
- ✅ - Popcorn
- ✅ - Bastard
- ✅ - Tenten
- ✅ - Cronos
- ✅ - October
- ✅ - Lazy
- ✅ - Sneaky
- ✅ - Haircut
- ✅ - Europa
- ✅ - Nineveh
- ✅ - Apocalyst
- ✅ - SolidState
- ✅ - Node
- ✅ - Enterprise
- ✅ - Jeeves
- ✅ - Inception
- ✅ - FluxCapacitor
- ✅ - Chatterbox
- ✅ - Aragog
- ✅ - Bart
- ✅ - Stratosphere
- ✅ - Celestial
- ✅ - Silo
- ✅ - Poison
- ✅ - Canape
- ✅ - Olympus
- ✅ - TartarSauce
- ✅ - DevOops
- ✅ - Hawk
- ✅ - Waldo
- ✅ - SecNotes
- ✅ - Giddy
- ✅ - Ypuffy
- ✅ - Carrier
- ✅ - Vault
- ✅ - Redcross
- ✅ - Lightweight
- ✅ - Chaos
- ✅ - Querier
- ✅ - Arkham
- ✅ - Unattended
- ✅ - Luke
- ✅ - Jarvis
- ✅ - Craft
- ✅ - Bitlab
- ✅ - Wall
- ✅ - Json
- ✅ - AI
- ✅ - Sniper
- ✅ - Mango
- ✅ - Obscurity
- ✅ - Monteverde
- ✅ - Book
- ✅ - Cascade
- ✅ - Magic
- ✅ - Cache
- ✅ - Fuse
- ✅ - SneakyMailer
- ✅ - OpenKeyS
- ✅ - Worker
- ✅ - Passage
- ✅ - Jewel
- ✅ - Bucket
- ✅ - Time
- ✅ - Ready
- ✅ - Tenet
- ✅ - Ophiuchi
Hack The Box - Hard Boxes
- ✅ - Joker
- ✅ - Calamity
- ✅ - Charon
- ✅ - Shrek
- ✅ - Mantis
- ✅ - Kotarak
- ✅ - Tally
- ✅ - CrimeStoppers
- ✅ - Falafel
- ✅ - Dropzone
Recurrent Tricks
- ✅ - File transfers
- ✅ - reverse shells with XC
- ✅ - SSH Tunnels
- ✅ - Intercepting HTTP and HTTPS requests with Burpsuite
The Concept of Hacking
The Goal is to capture both the User and the Root flags by gaining unauthorized access to the machines on HTB's private network, in order to get the flags, one has to employ various sets of pentesting skills, from finding out common vulnerabilities in the easier boxes, to crafting custom-exploitation for the harder boxes.
Binary Exploitation
gdb, gef, ghidra, pwntools, assembly, C, 32-64bit binaries, reverse engineering, CTF challenges
Nihilist
8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o
7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8 Donate XMR to Nihilist: