👨💻👾👨💻👾👨💻👾
Search
Search
Search
Dark mode
Light mode
Explorer
Bug_Bounty
Methodology
Low_Hangers
7e-Discover Origin IP Address
403 Bypass Automation
Account Takeover via Hidden Parameters
Broken Link Hijacking
Click Jacking
Clipboard Enabled
EXIF Geolocation Data not Stripped From Uploaded Images
JWT Tokens Email Disclosure
No Rate Limit
Password Link over HTTP
Profile Image Not Deleted
Subdomain Takeover
Token Not Validated After Usage
WP and Drupal Simple P1 Bug
XSS to ATO
1-Find Seeds
2-Subdomain Scrapping
3-Github Dorking
4-List Hosts
5-Burp Suite Set Up
6-Endpoints Discovery
7-GF Patterns
8-Endpoints Enumeration
8-GF Automation
9-Live Hosts Enumeration
Find Target
VDP
Hall of Fame
README
CVEs
Disclosed
CVE-2024-6066
CVE-2024-6067
CVE-2024-6213
CVE-2024-6214
CVE-2024-6215
CVE-2024-6216
CVE-2024-6217
CVE-2024-6418
CVE-2024-6419
CVE-2024-7942
CVE-2024-7948
CVE-2024-8140
CVE-2024-8141
CVE-2024-8142
CVE-2024-8151
CVE-2024-8152
CVE-2024-8153
CVE-2024-8154
CVE-2024-8170
CVE-2024-8172
CVE-2024-8380
CVE-2024-9092
CVE-2024-9093
CVE-2024-10153
CVE-2024-10154
CVE-2024-10155
CVE-2024-10156
CVE-2024-10157
CVE-2024-10158
CVE-2024-10159
CVE-2024-10160
CVE-2024-10161
CVE-2024-10162
CVE-2024-10191
CVE-2024-10192
CVE-2024-10414
CVE-2024-10423
CVE-2024-10424
CVE-2024-10425
CVE-2024-10432
CVE-2024-10433
CVE-2024-10446
CVE-2024-10447
README
Hackthebox
Linux🐧
HTB - Cronos
HTB- WifineticTwo
HTB-Bitlab
HTB-Blurry
HTB-Boardlight
HTB-BountyHunter
HTB-Cap
HTB-Editorial
HTB-Forge
HTB-FormulaX
HTB-GoodGames
HTB-GreenHorn
HTB-Headless
HTB-IClean
HTB-Intuition
HTB-Jarvis
HTB-Lightweight
HTB-MagicGardens
HTB-MetaTwo
HTB-Nibbles
HTB-Node
HTB-October
HTB-Pandora
HTB-Perfection
HTB-PermX
HTB-Poison
HTB-Runner
HTB-Sea
HTB-Skyfall
HTB-Solidstate
HTB-Usage
HTB-Vault
Windows📘
HTB- Silo
HTB-Access
HTB-Active
HTB-Atom
HTB-Axlle
HTB-Blackfield
HTB-Cascade
HTB-Chatterbox
HTB-Control
HTB-Crafty
HTB-Forest
HTB-Freelancer
HTB-Fuse
HTB-Jab
HTB-Jeeves
HTB-Love
HTB-Mailing
HTB-Mist
HTB-Monteverde
HTB-Netmon
HTB-Object
HTB-Office
HTB-Pov
HTB-Querier
HTB-Reel
HTB-Remote
HTB-Resolute
HTB-Sauna
HTB-Solarlab
HTB-Worker
README
Others
Cybersecurity Companies (Might apply one day)
Pentesting
Active Directory🌐
1-Initial Enumeration🕵️
a-Introduction
b-External Recon
c-Internal Recon
2-Foothold Sniff🐽
a-LLMNR/NBT-NS Poisoning - Responder
b-LLMNR/NBT-NS Poisoning - Inveigh
3-Password Spraying🔫
a-Password Policy Enumeration
b-Create Target User List
c-Password Spraying - Linux
d-Password Spraying - Windows
4-Enumeration From Beachhead🏖️
a-Security Control Enumeration
b-Enumeration from beachhead - Linux
c-Enumeration from beachhead - Windows
d-Enumeration Without Tools
5-Kerberoasting🎫
a-Kerberoasting from Linux
b-Kerberoasting from Windows
6-ACL🙈
a-ACL Overview
b-ACL Enumeration
c-ACL Abuse
d-DCSync Attack
7-Privilege Escalation🔓
c-Known Vulnerabilities🩼
a-NoPac
b-PrintNightmare
c-PetitPotam
a-Privileged Access
b-Kerberos "Double Hop" Problem
d-Misconfigurations
File Transfer📁
File Transfer - Linux
File Transfer - More
File Transfer - Protected
File Transfer - Windows
File Transfer with code
Persistence and Dump🥷🏻
Dump🗑️
Attacking LSASS
Attacking NTDS.dit
Attacking SAM
Linux Persistence
Windows Persistence
Pivoting🔄
Socat🐱
Socat Bind Shell
Socat Reverse Shell
Tools🛠️
DNS Tunneling - Dnscat2
ICMP Tunneling - SOCKS
SOCKS5 - Chisel
Sshuttle
Web Server - Rpivot
Windows - Netsh
Windows - plink.exe
a-Discovery and Scan
b-Port Forwarding
c-Dynamic Port Forwarding
d-Reverse Port Forwarding w SSH
e-Meterpreter Tunneling
Privilege Escalation↗️
Crack Linux Hash
Credential Hunting
Interactive Shell
Linux Privilege Escalation
Pass the Hash
Pass the Ticket - Linux
Pass the Ticket - Windows
Windows Privilege Escalation
Services🛡️
Email Services
Port 21 - FTP
Port 53 - DNS
Port 80 - HTTP
Port 88 - Kerberos
Port 139,445 - SMB
Port 389 - LDAP
Port 445 - RPC
Port 1433 - MSSQL
Port 3306 - MySQL
Port 3389 - RDP
UDP 161 - SNMP
Web_App
A-Web Requests
a-HyperText Transfer Protocol(HTTP)
b-Hypertest Transfer Protocol Secure (HTTPS)
c-HTTP Requests and Responses
d-HTTP Headers
e-Methods and Codes
M1-GET
M2-POST
M3-CRUD API
B-Intro to Web Apps
Back End Vulns
a-Common Web Vulns
Front End Vulns
a-Sensitive Data Exposure
b-HTML Injection
c-Cross Site Request Forgery (CSRF)
c-XSS
a-intro
b-Layout
c-Front End Back End
d-HTML
d-JavaScript
e-CSS
f-Web Servers
g-Databases
h-Development and APIs
C-Proxy
a-Proxy Tools
D-Ffuf
a-Fuff
E-JavaScript Deobfuscation
a-intro
b-Basic Obfuscation
c-Advanced Obfuscation
d-Deobfuscation
e-Decoding
F-XSS💀
XSS Attacks
a-Defacing
b-Phishing
c-Sessions Hijacking
a-Intro
b-Stored XSS
c-Reflected XSS
d-DOM XSS
e-XSS Discovery
f-XSS Prevention
G-SQLi💉
Exploitation
a-Database Enumeration
b-Reading Files
c-Writing Files
MySQL
a-Intro
b-SQL Basics
SQLMap🗺️
a-intro
b-Basics
c-Enumeration
d-OS Exploitation
a-intro
b-SQLi Basics
c-Subvert Query Logic
d-Using Comments
e-Union Clause
f-Mitigation
H-Command Injection
Exploitation
a-Detection
b-Injecting Commands
Filter Evasion
a-Identify Filters
b-Bypass Space Filters
Bypass Blacklisted Commands
c-Bypass Other Blacklisted Characters
e-Advanced Command Obfuscation
f-Evasion Tools
a-intro
b-Prevention
I-File Upload📤
Bypass Filter
a-Client-Side Validation
b-Blacklist Filters
c-Whitelist Filters
d-Type Filters
e-Limited File Uploads
f-Other Upload Attacks
Tips
a-Shell
b-Prevention
J-Server Side Attacks
SSI
a-intro
b-SSI Injection
SSRF
a-intro
b-Identify SSRF
c-Exploit SSRF
d-Blind SSRF
SSTI
a-Intro
b-Identify SSTI
c-Jinja2
d-Twig
e-SSTImap
XSLT Injection
a-intro
b-Exploit XSLT Injection
a-Intro
K-Login Bruteforce
a-Intro
b-Default Passwords
c-Username Bruteforce
d-Hydra Modules
e-Personalized Wordlists
f-Service Authentication Bruteforce
L-Broken Authentication
Authentication Bypass
a-Via Direct Access
b-Via Parameter Modification
Bruteforce
a-User Enumeration
c-Bruteforce Password Reset Tokens
d-Bruteforce 2FA Codes
e-Weak Bruteforce Protection
Password Bruteforce
Password Attacks
a-Default Credentials
b-Vulnerable Password Reset
Session Attacks
a-Session Tokens
b-Further Session Attacks
a-Intro
M-Web Attacks⚔️
HTTP Verb Tampering
a-intro
b-Bypass Basic Authentication
c-Bypass Security Filters
d-Prevention
IDOR
a-Intro
b-Identify IDOR
c-Mass IDOR Enumeration
d-Bypass Encoded References
e-IDOR in Insecure APIs
f-Chaining IDORs
XXE
a-intro
b-Local File Disclosure
c-Advanced File Disclosure
d-Blind Data Exfiltration
a-Intro
N-File Inclusion📁
Automation
a-Automated Scanning
b-Prevention
File Disclosure
a-LFI
b-Basic Bypasses
c-PHP Filters
RCE
a-PHP Wrappers
b-RFI
c-LFI and File Uploads
d-Log Poisoning
a-intro
O-Session Security
Session Attacks
a-Session Hijacking
b-Session Fixation
c-Obtain Session Identifier wo User Interaction
d-XSS
e-CSRF
f-GET Based CSRF
g-POST Based CSRF
h-Chain XSS CSRF
i-Weak CSRF Tokens
j-Bypasses
k-Open Redirect
a-intro
P-API Attacks
API Attacks
a-Attack Wordpress xmlrpc.php
c-Arbitrary File Upload
d-LFI
e-SSRF
e-XSS
g-ReDos
h-XXE
Information Disclosure w SQLi
a-intro
b-WSDL
c-SOAPAction Spoofing
d-Command Injection
Q-Wordpress
Enumeration
a-WP Core Version Enumeration
b-Plugins and Themes Enumeration
c-Directory Indexing
d-User Enumeration
e-Login
f-WPScan
Exploitation
a-Vulnerable Plugin
b-Attacker User
c-RCE
d-WP and Metasploit
a-intro
R-BBH Process
a-Bug Bounty Programs
b-Writing Report
Home
❯
tags
❯
Tag: htb
Tag: htb
61 items with this tag.
Jan 07, 2025
HTB-Runner
htb
linux
medium
knockpy
cve-2023-42793
teamcity
chisel
portrainer
Jan 07, 2025
HTB-Sea
htb
linux
easy
feroxbuster
wondercms
xss
bcrypt
hashcat
port-forwarding
cme
Jan 07, 2025
HTB-Skyfall
htb
linux
insane
minio
mc
vault
Jan 07, 2025
HTB-Solidstate
smtp
pop3
nntp
rsip
htb
linux
pspy
cron
rbash
medium
Jan 07, 2025
HTB-Usage
htb
linux
easy
laravel
file-upload
sudo
sudoers
wildcard
sqlmap
sqli
Jan 07, 2025
HTB-Vault
pivoting
openvpn
chisel
file-upload
firewall-ev
base32
gpg
web-shell
linux
htb
medium
Jan 07, 2025
HTB- WifineticTwo
htb
linux
wifi
openplc
oneshot
pixiedust
medium
Jan 07, 2025
HTB-Access
htb
windows
mdb
mdb-tools
telnet
msfvenom
persistence
runas
savecred
lsass-dmp
mimikatz
readpst
procdump
easy
Jan 07, 2025
HTB-Active
htb
windows
active-directory
gpp
kerberoasting
psexec
easy
Jan 07, 2025
HTB-Atom
htb
windows
electron-builder
redis
redis-dump
powerup-ps1
asar
msfvenom
electron-updater
cyberchef
kanban
medium
Jan 07, 2025
HTB-Axlle
htb
windows
active-directory
hard
xll
xll-exec
hta
bloodhound
forcechangepassword
icacls
Jan 07, 2025
HTB-Blackfield
htb
windows
active-directory
kerbrute
getnpusers
getuserspns
as-rep-roasting
bloodhound
forcechangepassword
lsass-dmp
sebackupprivilege
pypykatz
secretsdump
ntds-dit
hard
Jan 07, 2025
HTB-Cascade
htb
windows
medium
active-directory
ldap
password-spray
bloodhound
tightvnc
aes
dnspy
ilspy
cyberchef
ad-recycle-bin
Jan 07, 2025
HTB-Chatterbox
htb
windows
achat
bufferoverflow
icacls
medium
Jan 07, 2025
HTB-Control
htb
windows
sqli
sqlmap
http-header
wfuzz
sqli-shell
powershell
credential-object
invoke-command
powershell-history
get-acl
acl
sddl
hard
Jan 07, 2025
HTB-Crafty
htb
windows
easy
minecraft
log4j
tlauncher
runascs
jd-gui
jar
Jan 07, 2025
HTB-Forest
htb
windows
easy
active-directory
genericall
as-rep-roasting
bloodhound
sharphound
writedacl
mimikatz
Jan 07, 2025
HTB-Freelancer
htb
windows
hard
cyberchef
qr
sql
sql-terminal
xp_cmdshell
sql_rce
sa_impersonation
password-hunting
password-spray
runascs
bloodhound
mimikatz
dmp
rbcd
addcomputer
getst
secretsdump
Jan 07, 2025
HTB-Fuse
htb
windows
active-directory
papercut
printer
kerbrute
password-spray
enumprinters
powerup-ps1
seloaddriverprivilege
persistence
add-user
msfvenom
smbpasswd
medium
Jan 07, 2025
HTB-Jab
htb
windows
medium
xmpp
spark
tcpdump
getnpusers
as-rep-roasting
bloodhound
dcomexec
executedcom
chisel
Jan 07, 2025
HTB-Jeeves
htb
windows
jenkins
seimpersonateprivilege
juicypotato
persistence
psexec
medium
Jan 07, 2025
HTB-Love
htb
windows
ssrf
voting-system
alwaysinstallelevated
msfvenom
easy
Jan 07, 2025
HTB-Mailing
htb
windows
lfi
smtp
hmailserver
responder
sam
easy
Jan 07, 2025
HTB-Monteverde
windows
active-directory
htb
azure
medium
Jan 07, 2025
HTB-Netmon
htb
windows
ftp
prtg
easy
Jan 07, 2025
HTB-Object
htb
windows
active-directory
jenkins
firewall
firewall-enum
jenkins-password
bloodhound
forcechangepassword
powerview-ps1
targeted-kerberoasting
genericwrite
logon-script
writeowner
hard
Jan 07, 2025
HTB-Office
htb
windows
hard
joomla
cve-2023-23752
kerbrute
password-spray
wireshark
kerberos-crack
joomla-rce
certutil
runascs
chisel
cve-2023-2255
jaws
stored-credentials
mimikatz
dpapi
gpo
Jan 07, 2025
HTB-Pov
htb
windows
medium
lfi
viewstate
ysoserial
pscredential
runascs
dedebug
psgetsys-ps1
meterpreter
migrate
Jan 07, 2025
HTB-Querier
htb
windows
mssql
impacket-mssqlclient
macros
responder
xp_cmdshell
powerup-ps1
medium
Jan 07, 2025
HTB-Reel
htb
windows
hard
active-directory
ftp
ismtp
cve-2017-0199
rtf
pscredential
bloodhound
applocker
powerview-ps1
writeowner
writedacl
Jan 07, 2025
HTB-Remote
htb
windows
easy
nfs
umbraco
teamviewer
tasklist
aes
cve-2019-18988
Jan 07, 2025
HTB-Resolute
htb
active-directory
windows
rpcclient
dnsadmins
ntds-dit
secretsdump
bloodhound
add-user
persistence
ldapsearch
awk
medium
Jan 07, 2025
HTB-Sauna
htb
windows
active-directory
bloodhound
create-user-list
as-rep-roasting
kerberos
kerbrute
dcsync
secretsdump
persistence
getnpusers
getuserspns
easy
Jan 07, 2025
HTB- Silo
htb
windows
oracle
tns
port-1521
odat
sqlplus
msfvenom
dmp
volatility
hashdump
medium
Jan 07, 2025
HTB-Solarlab
htb
windows
medium
reportlab
runascs
openfire
Jan 07, 2025
HTB-Worker
htb
windows
azure
azure-devops
web-shell
svn
subversion
medium
Jan 07, 2025
HTB-Bitlab
htb
linux
gitlab
psql
postgresql
git
pull
ollydbg
reversing
ping-sweep
tunneling
chisel
medium
Jan 07, 2025
HTB-Blurry
htb
linux
medium
clearml
sudoers
evaluate_model
Jan 07, 2025
HTB-Boardlight
htb
linux
easy
vhost
dolibarr
enlightment
suid
Jan 07, 2025
HTB-BountyHunter
htb
linux
easy
xxe
sudoers
Jan 07, 2025
HTB-Cap
htb
linux
ftp
pcap
wireshark
setuid
capabilities
easy
Jan 07, 2025
HTB - Cronos
htb
linux
sql
sqli
nslookup
cron
cme
persistence
laravel
sqlmap
ssh-keygen
medium
Jan 07, 2025
HTB-Editorial
htb
linux
easy
ssrf
git
sudoers
cve-2022-24439
Jan 07, 2025
HTB-Forge
htb
linux
ssrf
ssrf-bypass
sudo
pdb
medium
Jan 07, 2025
HTB-FormulaX
htb
linux
hard
chatbot
blind-xss
xss
cve-2022-24439
mongodb
chisel
librenms
sudoers
Jan 07, 2025
HTB-GoodGames
htb
linux
sqli
sqlmap
ssti
docker
container
pivoting
easy
Jan 07, 2025
HTB-GreenHorn
htb
linux
easy
pluck
cve-2023-50564
depix
pixelated
Jan 07, 2025
HTB-Headless
htb
linux
sudo
xss
xss-cookie-stealing
cme
Jan 07, 2025
HTB-IClean
htb
linux
medium
blind-xss
xss-cookie-stealing
ssti
ssti-to-shell
mysql
sudoers
Jan 07, 2025
HTB-Intuition
htb
linux
hard
xss
xss-cookie-stealing
ssrf
cve-2023-24329
ansible
suricata
Jan 07, 2025
HTB-Jarvis
htb
linux
sqli
sqlmap
cme
systemctl
medium
Jan 07, 2025
HTB-Lightweight
htb
linux
ldap
tcpdump
openssl
wireshark
capabilities
sudoers
medium
Jan 07, 2025
HTB-MagicGardens
htb
linux
insane
django
smtp
docker
docker-registry
chisel
remote-debugging
Jan 07, 2025
HTB-MetaTwo
htb
linux
sqli
sqlmap
bookingpress
cve-2021-29447
wordpress
xxe
passpie
gpg
gpg2john
easy
Jan 07, 2025
HTB-Nibbles
htb
linux
easy
sudoers
web-shell
Jan 07, 2025
HTB-Node
htb
linux
javascript
API
mongodb
controllers
zip2john
medium
Jan 07, 2025
HTB-October
htb
linux
october-cms
laravel
file-upload
lse-sh
bufferoverflow
medium
Jan 07, 2025
HTB-Pandora
htb
linux
snmp
snmpwalk
snmapbulkwalk
suid
pivoting
chisel
port-forwarding
sqli
persistence
ltrace
easy
Jan 07, 2025
HTB-Perfection
htb
linux
easy
ssti
ruby
ruby-ssti
ssti-to-shell
hash-cracking
Jan 07, 2025
HTB-PermX
htb
linux
easy
ffuf
subdomain-bruteforce
chamilo
mysql
sudoers
bcrypt
acl
Jan 07, 2025
HTB-Poison
htb
linux
freebsd
lfi
zip2john
vnc
tunneling
persistence
medium