Backtrack is a medium-rated TryHackMe machine focused on Local File Inclusion (LFI). It begins with exploiting an Aria2 web app vulnerable to LFI, leading to a Tomcat credentials leak and gaining a...

Blurry is a medium box on HTB where we discovered a ClearML application. By exploiting CVE-2024-24590, that was affecting the ClearML web app, we gained a reverse shell. For privilege escalation, w...

Pyrat is an easy-rated TryHackMe machine that simulates a running Python RAT on an open socket. The challenge involves leaking a GitHub account to gain access to the PyRat source code, which helps ...

The London Bridge is a TryHackMe Medium machine where we first start by discovering an internal web server through SSRF, finding a .ssh folder that contains a private key, making it into the machin...

Cheese CTF is a TryHackMe easy machine where it starts finding an LFI vulnerability leading to RCE, escalate our privileges through a writable authorized_keys for then to manipulate a .timer servic...

Breakme is a Medium Tryhackme room where we start by exploiting an outdated wordpress plugin to gain higher privileges, gaining a reverse shell we found an internal web server that’s vulnerable to ...

Hammer is a medium rated room on TryHackMe. The room starts with a web server on an unusual port having a login page and a reset password feature, enumerating the web server we found an email that ...

U.A. High School is an easy Tryhackme box where we start by finding a GET parameter that allows us to execute code, once in the box, we found a corrupted image that contains a user creds for then t...

The Red Hat Certified System Administrator (RHCSA) is a certification offered by Red Hat, Inc that validates an individual’s knowledge and skills in managing and administering Red Hat Enterprise Li...

Preparation You were hired as a dedicated external DFIR specialist to help the APIWizards Inc. company with a security incident in their production environment. APIWizards develop REST APIs on dem...