Labs

Jeeves is not overly complicated, however it focuses on some interesting techniques and provides a great learning experience. As the […]
Cap is an easy difficulty Linux machine running an HTTP server that performs administrative functions including performing network captures. Improper […]
SecNotes is a medium difficulty machine, which highlights the risks associated with weak password change mechanisms, lack of CSRF protection […]
Legacy is a fairly straightforward beginner-level machine which demonstrates the potential security risks of SMB on Windows. Only one publicly […]
Devel, while relatively simple, demonstrates the security risks associated with some default program configurations. It is a beginner-level machine which […]
Grandpa is one of the simpler machines on Hack The Box, however it covers the widely-exploited CVE-2017-7269. This vulnerability is […]
Netmon is an easy difficulty Windows box with simple enumeration and exploitation. PRTG is running, and an FTP server with […]
Although Jerry is one of the easier machines on Hack The Box, it is realistic as Apache Tomcat is often […]
Lame is a beginner level machine, requiring only one exploit to obtain root access. It was the first machine published […]
Alien Cradle is a “really easy” ranked challenge within the Hack the Box platform In an attempt for the aliens […]
Trapped Source is a Challenge in the Hackthebox platform Intergalactic Ministry of Spies tested Pandora’s movement and intelligence abilities. She […]
Red Miners is a challenge on the Hack the box platform. This is a download from the site and no […]
First thing we are going to want to do on this box is to enumerate as always Nmap returns 2 […]
The information we’ve been granted for this box is a username “pilot”. Running an nmap scan against the machine gives […]
This is a relatively easy machine that tries to teach you a lesson, but perhaps you’ve already learned the lesson? […]
A challenge that tests your reconnaissance and OSINT skills. SuperSecure Corp, a fast-paced startup, is currently creating a blogging platform […]
A multinational technology company has been the target of several cyber attacks in the past few months. The attackers have […]
Based on real-world occurrences and past analysis, this scenario presents a narrative with invented names, characters, and events. Please note: The […]
You’ve learned some great nmap skills! Now can you combine that with other skills with netcat and protocols, to log in to this machine […]
CVE-2020-1938 This room is basic and is searching for two different flags. A user.txt flag, and a root.txt flag. Enumerating […]
Depending on the EF Codd relational model, an RDBMS allows users to build, update, manage, and interact with a relational […]
Deploy & hack into a Windows machine, exploiting a very poorly secured media server. Recon Lets enumerate with nmap to […]
It has been a bit since I’ve work some red team tasks so decided to jump in and knock out […]
Agent T uncovered this website, which looks innocent enough, but something seems off about how the server responds.. Lets check […]
Opacity is an easy machine that can help you in the penetration testing learning process. There are 2 hash keys located on […]
This room is designed for users to get familiar with the Bolt CMS and how it can be exploited using Authenticated Remote […]
SSL issues are still lurking in the wild. Can you exploit this web servers OpenSSL? Knowing this box was related […]
John likes to live in a very Internet connected world. Maybe too connected… John was working on his smart home […]
Can you root this Mr. Robot styled machine? This is a virtual machine meant for beginners/intermediate users. There are 3 […]
This lab look involves gathering data and locating a flag First thing I’m going to do is scan the machine […]
We are Spice Hut, a new startup company that just made it big! We offer a variety of spices and […]
Hello Hacker! TopTierConversions LTD is proud to announce its latest and greatest product launch: MD2PDF. This easy-to-use utility converts markdown […]
This box is an easy rated box. Appears to only be looking for user and root flag. So lets go! […]
Hello there, I am the CEO and one of the co-founders of futurevera.thm. In Futurevera, we believe that the future […]
This box appears to be looking for just the user.txt file as well as the root.txt file. It doesnt give […]
Back at it again after a break! This box appears to be about enumerating and then compromising to get a […]
This lab is going to be a Beast. This will be on ongoing lab that I will update this post […]
This lab is an OSINT lab (my favorite) It appears to be searching for the following info using a photo […]
Try to get the two flags!  Root the machine and prove your understanding of the fundamentals! This is a virtual […]
This machine appears to be the exploit for eternal blue Time to enumerate!   It is looking for how many […]