U.A. High School is an easy Tryhackme box where we start by finding a GET parameter that allows us to execute code, once in the box, we found a corrupted image that contains a user creds for then t...

The Red Hat Certified System Administrator (RHCSA) is a certification offered by Red Hat, Inc that validates an individual’s knowledge and skills in managing and administering Red Hat Enterprise Li...

Preparation You were hired as a dedicated external DFIR specialist to help the APIWizards Inc. company with a security incident in their production environment. APIWizards develop REST APIs on dem...

Usage is an easy HackTheBox machine where we discovered an SQL injection vulnerability on the web server, allowing us to extract the admin password hash. Cracking the hash enabled us to log in and ...

IClean is a medium machine by HackTheBox. We start by exploiting an XSS vulnerability to steal the admin’s session cookie. Using the cookie, we access the admin dashboard and find a SSTI vulnerabil...

BoardLight is an easy box on HackTheBox where we start by exploiting a vulnerability in the Dolibarr web application, using default credentials to gain access. We then pivot to a user account by le...