The Redux
Analysing Malicious PDF’s Here we are again, delving into the realm of analyzing malicious PDF files. It’s crucial to recognize that PDFs can harbor various other types of code, all capable of execu...
Introduction The expected outcome of this room is to determine if a document is indeed malicious and then look for the following indicators: Presence of Malicious URLs References to File Nam...
Holo is an Active Directory and Web Application attack lab that teaches core web attack vectors and advanced\obscure Active Directory attacks along with general red teaming methodology and concep...
Machine abstract Skills Learned Exploitation method 1 Enumeration Nmap with the command nmap -sC -sV -A -oN nmap.scans -vv 10.10.10.37 ┌──(root㉿kali)-[/home/…/Documents/CTFs/HackTheBox/Blo...
Machine abstract MetaTwo is a Linux machine presenting an entry-level challenge. The website, powered by WordPress, employs a plugin susceptible to unauthenticated SQL injection (CVE-2022-0739). T...
Machine abstract This Linux system hosts a web application capable of generating PDF files from websites using pdfkit. Unfortunately, a vulnerability in pdfkit exposes the application to Command I...
Machine abstract This Linux machine exhibits misconfigurations in its NFS shares, enabling attackers to exploit user impersonation vulnerabilities. Such vulnerabilities allow malicious actors to up...
Machine abstract This Linux machine presents a multi-layered challenge ripe for exploration. Initial access is granted through a static web page, concealing a hidden web server login accessed with...
Introduction SIEM (Security Information and Event Management system) is a tool that collects data from various endpoints/network devices across the network, stores them at a centralized place, and p...
Introduction What to learn here What is an EDR and why are they useful solutions Where an EDR like Wazuh is used Accessing Wazuh Navigating Wazuh Learning about Wazuh rules and alerts ...