Loading...
All content extracted from GitHub & open-source. We don't own any content. For educational purposes only.
268 writeups found
*Who thought making a flying shell was a good idea?* For this mission, you have been assigned the codename "pilot". Press the Start Machine button to ...
1. [Event Tracing](#event-tracing) 2. [Approaches to Log Evasion](#approaches-to-log-evasion) 3. [Tracing Instrumentation](#tracing-instrumentation)
1. [Exploiting Permission Delegation](#exploiting-permission-delegation) 2. [Exploiting Kerberos Delegation](#exploiting-kerberos-delegation) 3. [Expl...
1. [Introduction](#introduction) 2. [Types of Firewalls](#types-of-firewalls) 3. [Evasion via Controlling the Source MAC/IP/Port](#evasion-via-control...
```shell rustscan -a 10.10.85.61 --range 0-65535 --ulimit 5000 gobuster dir -u http://10.10.85.61 -w /usr/share/wordlists/dirb/common.txt -x php,txt,h...
```shell sudo vim /etc/hosts nmap -T4 -p- -A -Pn -v gallery.thm
1. [Introduction](#introduction) 2. [Obtain access via SQLi](#obtain-access-via-sqli) 3. [Using SQLMap](#using-sqlmap)
```shell nmap -T4 -p- -A 10.10.238.32 feroxbuster -u http://10.10.238.32 -w /usr/share/wordlists/dirb/common.txt -x php,html,bak,js,txt,json,docx,pdf,...
```shell rustscan -a 10.10.55.181 --range 0-65535 --ulimit 5000 -- -sV gobuster dir -u http://10.10.55.181 -w /usr/share/wordlists/dirb/common.txt -x ...
```shell rustscan -a 10.10.117.221 --range 0-65535 --ulimit 5000 -- -sV feroxbuster -u http://10.10.117.221 -w /usr/share/wordlists/dirbuster/director...
1. [Deploy the vulnerable Windows machine](#deploy-the-vulnerable-windows-machine) 2. [Using Hydra to brute-force a login](#using-hydra-to-brute-force...
Nmap Scan ```shell
1. [What is PowerShell?](#what-is-powershell) 2. [Basic PowerShell Commands](#basic-powershell-commands) 3. [Enumeration](#enumeration)
```shell nmap -T4 -A -v 34.245.72.138 msfconsole -q
1. [Flag Submission Panel](#flag-submission-panel) 2. [.NET Basics](#net-basics) 3. [Initial Recon](#initial-recon)
```shell nmap -T4 -p- -A -v 10.10.158.62 nc -nvlp 4444
1. [Command and Control Framework Structure](#command-and-control-framework-structure) 2. [Common C2 Frameworks](#common-c2-frameworks) 3. [C2 Operati...
1. [Malware Analysis](#malware-analysis) 2. [Techniques of malware analysis](#techniques-of-malware-analysis) 3. [Basic static analysis](#basic-static...
1. [Introduction](#introduction) 2. [Symmetric Encryption](#symmetric-encryption) 3. [Asymmetric Encryption](#asymmetric-encryption)
* As the machine starts, we can check that it tries to connect to a certain IP. * We can check the system info from the Settings. * To view the user l...
```shell sudo vim /etc/hosts nmap -T4 -p- -A -Pn -v joat.thm
1. [Introduction](#introduction) 2. [Target Options](#target-options) 3. [Module Options](#module-options)
```shell nmap -T4 -p- -A -v 10.10.100.2 feroxbuster -u http://10.10.100.2 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php,html,...
nmap scan ```nmap -T4 -p- -A 10.10.76.249```
```shell rustscan -a 10.10.73.61 --range 0-65535 --ulimit 5000 gobuster dir -u http://10.10.73.61 -w /usr/share/wordlists/dirbuster/directory-list-2.3...
```shell nmap -T4 -p- -A -v 10.10.46.49 feroxbuster -u http://10.10.46.49 -w /usr/share/wordlists/dirb/common.txt -x php,html,bak,js,txt,json,docx,pdf...
1. [OS and account information](#os-and-account-information) 2. [System Configuration](#system-configuration) 3. [Persistence mechanisms](#persistence...
1. [Windows Sysinternals](#windows-sysinternals) 2. [LOLBAS Project](#lolbas-project) 3. [File Operations](#file-operations)
```shell nmap -T4 -A 10.10.151.254 ssh 10.10.220.172 -p 11111
```shell sudo vim /etc/hosts nmap -T4 -p- -A -Pn -v castle.thm
```shell rustscan -a 10.10.180.184 --range 0-65535 --ulimit 5000 -- -sV gobuster dir -u http://10.10.180.184 -w /usr/share/wordlists/dirbuster/directo...
1. [Understanding Malware Campaigns](#understanding-malware-campaigns) 2. [Identifying if a Malware Attack has Happened](#identifying-if-a-malware-att...
Nmap scan ```shell
```shell rustscan -a 10.10.50.119 --range 0-65535 --ulimit 5000 -- -sV feroxbuster -u http://10.10.50.119 -w /usr/share/wordlists/dirb/common.txt -x p...
1. [Introduction](#introduction) 2. [IDS Engine Types](#ids-engine-types) 3. [IDS/IPS Rule Triggering](#idsips-rule-triggering)
* According to the given scenario, we have to interact with the Splunk instance to sift through the events of "Widget LLC" and check for suspicious ac...
1. [Origins of Obfuscation](#origins-of-obfuscation) 2. [Obfuscation's Function for Static Evasion](#obfuscations-function-for-analysis-deception) 3. ...
```shell nmap -T4 -p- -A -Pn -v 10.10.174.97 python3 CVE-2021-41773.py -t 10.10.174.97
* We are given an image, and using OSINT, we have to answer some questions. 1. What is the users avatar of? ```markdown
```shell sudo vim /etc/hosts nmap -T4 -p- -A -Pn -v ollie.thm
```shell nmap -T4 -p- -A -Pn -v olympus.thm feroxbuster -u http://olympus.thm -w /usr/share/wordlists/dirb/common.txt -x php,html,bak,js,txt,json,docx...
1. [Interacting with the Osquery Shell](#interacting-with-the-osquery-shell) 2. [Schema Documentation](#schema-documentation) 3. [Creating Queries](#c...
1. [Osquery: Interactive Mode](#osquery-interactive-mode) 2. [Schema Documentation](#schema-documentation) 3. [Creating SQL queries](#creating-sql-que...
```shell rustscan -a 10.10.118.126 --range 0-65535 --ulimit 5000 -- -sV gobuster dir -u http://10.10.118.126 -w /usr/share/wordlists/dirb/common.txt -...
1. [Forensics - Analyse the PCAP](#forensics---analyse-the-pcap) 2. [Research - Analyse the code](#research---analyse-the-code) 3. [Attack - Get back ...
1. [Password Attacking Techniques](#password-attacking-techniques) 2. [Password Profiling - Default, Weak, Leaked, Combined and Username Wordlists](#p...
1. [Persistence through Credentials](#persistence-through-credentials) 2. [Persistence through Tickets](#persistence-through-tickets) 3. [Persistence ...
1. [Intro](#intro) 2. [Writing Convincing Phishing Emails](#writing-convincing-phishing-emails) 3. [Phishing Infrastructure](#phishing-infrastructure)
```shell nmap -T4 -p- -A -Pn -v 10.10.85.183 gobuster dir -u http://10.10.85.183 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x ph...
1. [Enumeration with Powerview](#enumeration-with-powerview) 2. [Enumeration with Bloodhound](#enumeration-with-bloodhound) 3. [Dumping hashes with mi...
```shell nmap -T4 -p- -A -v 10.10.104.49 msfconsole -q
1. [Windows Print Spooler Service](#windows-print-spooler-service) 2. [Remote Code Execution Vulnerability](#remote-code-execution-vulnerability) 3. [...
```markdown We can use the FullEventLogView tool as given; go to Options > Advanced Options > enable 'Show events from all times'. Now, to find the do...
* We can begin by checking the PCAP file given and inspect the SMB2 protocol. * The destination IP of the SMB2 protocol traffic indicates the remote a...
1. [Analysing Malicious PDF's](#analysing-malicious-pdfs) 2. [Analysing Malicious Microsoft Office Macros](#analysing-malicious-microsoft-office-macro...
```shell ping -c 3 10.10.81.61 nmap -T4 -p- -A -v 10.10.81.61
1. [Built-in Tools](#built-in-tools) 2. [Advanced Searching](#advanced-searching) 3. [Specialized Search Engines](#specialized-search-engines)
1. [Introduction](#introduction) 2. [Data Collection](#data-collection) 3. [The Redline Interface](#the-redline-interface)
Nmap scan ```shell
```shell nmap -T4 -p- -A -v 10.10.247.238 redis-cli -h 10.10.247.238 -p 6379
```shell nmap -T4 -p- -A -Pn -v 10.10.163.31 feroxbuster -u http://10.10.163.31 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php...
nmap scan ```nmap -T4 -p- -A 10.10.147.4```
1. [Runtime Detections](#runtime-detections) 2. [AMSI Overview](#amsi-overview) 3. [AMSI Instrumentation](#amsi-instrumentation)
1. [Tip-Off](#tip-off) 2. [Reconnaissance](#reconnaissance) 3. [Unveil](#unveil)
* This room is about IMINT/GEOINT (image intelligence and geospatial intelligence). The flags in this room will be in the format ```sl{}```. * There a...
1. [Signature Identification](#signature-identification) 2. [Automating Signature Identification](#automating-signature-identification) 3. [Static Cod...
Nmap scan ```shell
```shell rustscan -a 10.10.45.39 --range 0-65535 --ulimit 5000 -- -sV gobuster dir -u http://10.10.45.39 -w /usr/share/wordlists/dirb/common.txt -x ph...
1. [Introduction](#introduction) 2. [Reconnaissance](#reconnaissance) 3. [Discovery](#discovery)
```shell rustscan -a 10.10.108.49 --range 0-65535 --ulimit 5000 -- -sV python3 CVE-2019-15107.py --help
1. [What are "strings"](#what-are-strings) 2. [Practical: Extracting "strings" from an Application](#practical-extracting-strings-from-an-application)...
```shell sudo vim /etc/hosts nmap -T4 -p- -A -Pn -v sustah.thm
1. [Introduction](#introduction) 2. [Cutting out the Noise](#cutting-out-the-noise) 3. [Hunting Metasploit](#hunting-metasploit)
1. [Unique Threat Intel](#unique-threat-intel) 2. [Publicly Generated IOCs](#publicly-generated-iocs) 3. [Leveraging "Know Your Environment": Tripwire...
1. [Preparation - Log Analysis](#preparation---log-analysis) 2. [Preparation - Tools and Artifacts](#preparation---tools-and-artifacts) 3. [Initial Ac...
1. [UrlScan.io](#urlscanio) 2. [Abuse.ch](#abusech) 3. [PhishTool](#phishtool)
1. [Where am I?](#where-am-i) 2. [Planning to escape](#planning-to-escape) 3. [What Rize is trying to say?](#what-rize-is-trying-to-say)
```shell nmap -T4 -A 10.10.75.77 gobuster dir -u http://10.10.75.77 -w /usr/share/wordlists/dirb/common.txt -x php,txt,html,bak
```shell rustscan -a 10.10.193.156 --range 0-65535 --ulimit 5000 -- -sV gobuster dir -u http://10.10.193.156:8081 -w /usr/share/wordlists/dirb/common....
* Windows Forensics cheatsheet: * System info & accounts: * OS version - ```SOFTWARE\Microsoft\Windows NT\CurrentVersion```
1. [Introduction](#introduction) 2. [Deployment](#deployment) 3. [Interacting with client machines](#interacting-with-client-machines)
```shell nmap -T4 -p- -A -Pn -v 10.10.205.111 crackmapexec smb 10.10.205.111
* We can start by importing zone1.pcap file in Brim. * Using the query 'Suricata Alerts by Category', we can check the alert category 'Malware Command...
* First, we can open the provided .pcap file in Brim to analyze. * From the given queries, we can choose ```Suricata Alerts by Category``` - modify th...
```shell rustscan -a 10.10.39.151 --range 0-65535 --ulimit 5000 -- -sV ftp 10.10.39.151
* We have to find as much as information as possible about the website RepublicOfKoffee.com, which does not exist. * We can search it up with quotes, ...
```shell sudo vim /etc/hosts nmap -T4 -p- -A -Pn -v wekor.thm
nmap scan ```nmap -T4 -p- -A 10.10.213.126```
1. [Introduction to Windows Forensics](#introduction-to-windows-forensics) 2. [Windows Registry and Forensics](#windows-registry-and-forensics) 3. [Ac...
1. [The FAT file systems](#the-fat-file-systems) 2. [The NTFS file system](#the-ntfs-file-system) 3. [Recovering deleted files](#recovering-deleted-fi...
1. [Understanding General Concepts](#understanding-general-concepts) 2. [Identity & Access Management](#identity--access-management) 3. [Network Manag...
1. [Processes](#processes) 2. [Threads](#threads) 3. [Virtual Memory](#virtual-memory)
1. [Tampering with Unprivileged Accounts](#tampering-with-unprivileged-accounts) 2. [Backdooring Files](#backdooring-files) 3. [Abusing Services](#abu...
1. [Introduction](#introduction) 2. [Harvesting Passwords from Usual Spots](#harvesting-passwords-from-usual-spots) 3. [Other Quick Wins](#other-quick...
1. [Nmap Scans](#nmap-scans) 2. [ARP Poisoning & Man In The Middle](#arp-poisoning--man-in-the-middle) 3. [Identifying Hosts: DHCP, NetBIOS and Kerber...
```shell rustscan -a 10.10.126.181 --range 0-65535 --ulimit 5000 -- -sV gobuster dir -u http://10.10.126.181 -w /usr/share/wordlists/dirbuster/directo...
1. [Intro](#intro) 2. [Webserver](#webserver) 3. [Pivoting](#pivoting)
```shell rustscan -a 10.10.128.186 --range 0-65535 --ulimit 5000 -- -sV feroxbuster -u http://10.10.128.186 -w /usr/share/wordlists/dirb/common.txt -x...
1. [Network Security Monitoring and Zeek](#network-security-monitoring-and-zeek) 2. [Zeek Logs](#zeek-logs) 3. [CLI Kung-Fu](#cli-kung-fu)
1. [Anomalous DNS](#anomalous-dns) 2. [Phishing](#phishing) 3. [Log4J](#log4j)
* This room covers the walkthrough for the Zero Logon exploit, which abuses a MS-NRPC (Microsoft NetLogon Remote Protocol) feature. * We use the [Proo...
* ```ffuf``` - Fuzz Faster U Fool - used for web enumeration, fuzzing, directory brute forcing: ```shell ffuf -u http://10.10.99.194/FUZZ -w /usr/shar...
```shell rustscan -a 10.10.53.85 --range 0-65535 --ulimit 5000 -- -sV hydra -l jenny -P /usr/share/wordlists/rockyou.txt 10.10.53.85 ftp
nmap scan ```nmap -T4 -p- -A 10.10.233.93```
```shell nmap -T4 -p- -A -v 10.10.186.74 msfconsole -q
Some mistakes can be costly. Gain a shell, find the way and escalate your privileges! Note: Bruteforcing is out of scope for this room.
Escalate your privileges by exploiting vulnerable binaries. Enumerate the machine and get an interactive shell. Exploit an SUID bit file, use GNU debu...
This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box. This room is aime...
Can you guess the password of the admin user and log in to the dashboard? Note: Use the first 100 lines of rockyou.txt Answer the questions below
Inspired by the great cheese talk of THM! Please allow the machine a minimum of 5-7 minutes to boot. This is essential for the best part of the machin...
Exploit a vulnerable web application and some misconfigurations to gain root privileges. Please wait up to 5 minutes for the machine to boot up prope...
Can you exploit the CyberLens web server and discover the hidden flags? Challenge Description Welcome to the clandestine world of CyberLens, where s...
boot2root machine for FIT and bsides guatemala CTF Read user.txt and root.txt `nmap -A -vv 10.10.217.70`
Use your red teaming knowledge to pwn a Linux machine. This challenge is an initial test to evaluate your capabilities in red teaming skills. Start t...
Just working on a typical day as a software engineer, Perry received an encrypted 7z archive from his boss containing a snippet of a source code that ...
On Friday, September 15, 2023, Michael Ascot, a Senior Finance Director from SwiftSpend, was checking his emails in Outlook and came across an email a...
Use your injection skills to take control of a web app. *Can you utilise your web pen-testing skills to safeguard the event from any injection attack?...
 Help Sebastian and his team of investigators to withstand the dangers that come ahead. This room is based on a video game cal...
read user.txt and root.txt `nmap -sV -sC -A 10.10.226.68` ```
*Crack the code, command the exploit! Dive into the heart of the system with just an RCE CVE as your key.* From Three Million Bricks to Three Million...
Step into the realm of TryHackM3 as we approach 3 million users, where '3 is the magic number'! Embark on the TryHackM3 challenge, intercepting creden...
Exploit Ubuntu, like a Turtle in a Hurricane [0day](https://tryhackme.com/room/0day) - Network Enumeration
Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas. ...
Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas. ...
Exploit a Windows machine in this beginner level challenge. [Anthem](https://tryhackme.com/room/anthem) - Network Enumeration
Hack my server dedicated for building communications applications. [Aster](https://tryhackme.com/room/aster) - Network Enumeration
Learn how to leverage AttackerKB and learn about exploits in your workflow! [AttackerKB](https://tryhackme.com/room/attackerkb) - Network Enumeration
Escalate your privileges by exploiting vulnerable binaries. [Binex](https://tryhackme.com/room/binex) - Network Enumeration
Hack into this Windows machine and escalate your privileges to Administrator. [Blueprint](https://tryhackme.com/room/blueprint) - Network Enumeration
A hero is unleashed [Bolt](https://tryhackme.com/room/bolt) - Network Enumeration
You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker! [Boun...
Help Cage bring back his acting career and investigate the nefarious goings on of his agent! [Break Out The Cage](https://tryhackme.com/room/breakoutt...
Learn how to brute, hash cracking and escalate privileges in this box! [Brute It](https://tryhackme.com/room/bruteit) - Network Enumeration
Can you root this Gila CMS box? [CMesS](https://tryhackme.com/room/cmess) - Network Enumeration
Sharpening up your CTF skill with the collection. The first volume is designed for beginner. [CTF collection Vol.1](https://tryhackme.com/room/ctfcoll...
Sharpening up your CTF skill with the collection. The second volume is about web-based CTF. [CTF collection Vol.2](https://tryhackme.com/room/ctfcolle...
Recover your clients encrypted files before the ransomware timer runs out! [Carpe Diem 1](https://tryhackme.com/room/carpediem1) - Network Enumeration
Boot-to-root with emphasis on crypto and password cracking. [CherryBlossom](https://tryhackme.com/room/cherryblossom) - Network Enumeration
In this room you'll learn what CSP is, what it's used for and how to recognize vulnerabilities in a CSP header. [Content Security Policy](https://tryh...
My friend Dave made his own blog! [Dave's Blog](https://tryhackme.com/room/davesblog) - Network Enumeration
Learn to exploit the BoltCMS software by researching exploit-db. [Erit Securus I](https://tryhackme.com/room/eritsecurusi) - Network Enuemration
lucrecia has installed multiple web applications on the server. [Ghizer](https://tryhackme.com/room/ghizerctf) - Network Enumeration
SSL issues are still lurking in the wild. Can you exploit this web servers OpenSSL? [HeartBleed](https://tryhackme.com/room/heartbleed) - HeartBleed
Learn about and use Hydra, a fast network logon cracker, to bruteforce and obtain a website's credentials. [Hydra](https://tryhackme.com/room/hydra) *...
Penetration Testing Challenge [Internal](https://tryhackme.com/room/internal) - Network Enumeration
Learn the basics of python in this interactive walkthrough room. [Intro to Python](https://tryhackme.com/room/introtopython) - Coding Python
How it works and why should I learn it? [Introduction to Django](https://tryhackme.com/room/django) * Coding Python
Can you get access to Iron Corp's system? [Iron Corp](https://tryhackme.com/room/ironcorp) - Network Enumeration
Learn the basics of local file inclusion [LFI Basics](https://tryhackme.com/room/lfibasics) * Local File Inclusion
Easy linux machine to practice your skills [LazyAdmin](https://tryhackme.com/room/lazyadmin) - Network Enumeration
A beginner level security challenge [Lian_Yu](https://tryhackme.com/room/lianyu) - Network Enumeration
Learn to efficiently enumerate a linux machine and identify possible weaknesses [Linux: Local Enumeration](https://tryhackme.com/room/lle) - Linux Loc...
Step through the looking glass. A sequel to the Wonderland challenge room. [Looking Glass](https://tryhackme.com/room/lookingglass) - Network Enumerat...
Will you be consumed by Madness? [Madness](https://tryhackme.com/room/madness) - Web Poking
Just a terrible idea... [Mindgames](https://tryhackme.com/room/mindgames) - Network Enumeration
I hope you have fun. [Mnemonic](https://tryhackme.com/room/mnemonic) - Network Enumeration
Can you save the island of Motunui? [Motunui](https://tryhackme.com/room/motunui) - Network Enumeration
This audio file is hiding some things, are you able to extract enough data to reveal the flag? [Musical Stego](https://tryhackme.com/room/musicalstego...
Enhance your Linux knowledge with this beginner friendly room! [NIS - Linux Part I](https://tryhackme.com/room/nislinuxone) * Linux Fundamentals
Identify the critical security flaw in the most powerful and trusted network monitoring software on the market, that allows an user authenticated exec...
Hack your way into this easy/medium level legendary TV series "Chuck" themed box! [NerdHerd](https://tryhackme.com/room/nerdherd) - Network Enumeratio...
Enumerating and Exploiting More Common Network Services & Misconfigurations [Network Services 2](https://tryhackme.com/room/networkservices2) - NFS Fu...
Learn about, then enumerate and exploit a variety of network services and misconfigurations. [Network Services](https://tryhackme.com/room/networkserv...
Learn one of the OWASP vulnerabilities every day for 10 days in a row. [OWASP Top 10](https://tryhackme.com/room/owasptop10) - Injection
Overpass has been hacked! Can you analyse the attacker's actions and hack back in? [Overpass 2 - Hacked](https://tryhackme.com/room/overpass2hacked) -...
What happens when some broke CompSci students make a password manager? [Overpass](https://tryhackme.com/room/overpass) - Network Enumeration
The sys admin set up a rdbms in a safe way. [Poster](https://tryhackme.com/room/poster) * Network Enumeration
Be creative! [Python Playground](https://tryhackme.com/room/pythonplayground) - Network Enumeration
Just when they thought their hashes were safe... Ra 2 - The sequel! [Ra 2](https://tryhackme.com/room/ra2) - Network Enumeration
You have found WindCorp's internal network and their Domain Controller. Can you pwn their network? [Ra](https://tryhackme.com/room/ra) - Network Enume...
It's time for another heist. [Racetrack Bank](https://tryhackme.com/room/racetrackbank) - Network Enumeration
Not your conventional CTF [Recovery](https://tryhackme.com/room/recovery) - Network Enumeration
Penetration Testing Challenge [Relevant](https://tryhackme.com/room/relevant) - Network Enumeration
Hack into a vulnerable database server with an in-memory data-structure in this semi-guided challenge! [Res](https://tryhackme.com/room/res) - Redis (...
You've been hired by Billy Joel to get revenge on Ducky Inc...the company that fired him. Can you break into the server and complete your mission? [Re...
A ctf for beginners, can you root me? [RootMe](https://tryhackme.com/room/rrootme) - Network Enumeration
Learn basic scripting by solving some challenges! [Scripting](https://tryhackme.com/room/scripting) - Coding Python
Once again you find yourself on the internal network of the Windcorp Corporation. [Set](https://tryhackme.com/room/set) - Network Enumeration
Exploit a recent vulnerability and hack Webmin, a web-based system configuration tool. [Source](https://tryhackme.com/room/source) * Network Enumerati...
Can you hack your way in to a Hello World application? [Spring](https://tryhackme.com/room/spring) - Network Enumeration
Abuse traditional vulnerabilities via untraditional means. [Startup](https://tryhackme.com/room/startup) - Network Enumeration
A tutorial room exploring CVE-2019-18634 in the Unix Sudo Program. Room Two in the SudoVulns Series [Sudo Buffer Overflow](https://tryhackme.com/room/...
A tutorial room exploring CVE-2019-14287 in the Unix Sudo Program. Room One in the SudoVulns Series [Sudo Security Bypass](https://tryhackme.com/room/...
The latin word Durius means "harder" [Tempus Fugit Durius](https://tryhackme.com/room/tempusfugitdurius) - Network Enumeration
Successfully hack into bobloblaw's computer [The Blob Blog](https://tryhackme.com/room/theblobblog) - Network Enumeration
Learn a wide variety of Docker vulnerabilities in this guided showcase. [The Docker Rodeo](https://tryhackme.com/room/dockerrodeo) * Docker Escaping
Hmm [The Impossible Challenge](https://tryhackme.com/room/theimpossiblechallenge) - Cryptography
Can you take over The Marketplace's infrastructure? [The Marketplace](https://tryhackme.com/room/marketplace) - Network Enumeration
Face a server that feels as if it was configured and deployed by Satan himself. Can you escalate to root? [The Server From Hell](https://tryhackme.com...
Learn how to use a Java Serialisation attack in this boot-to-root [Tony the Tiger](https://tryhackme.com/room/tonythetiger) - Network Enumeration
Discovery consists not in seeking new landscapes, but in having new eyes.. [Undiscovered](https://tryhackme.com/room/undiscoveredup) - Network Enumera...
Tutorial room exploring some basic file-upload vulnerabilities in websites [Upload Vulnerabilities](https://tryhackme.com/room/uploadvulns) - Bypassin...
Exploit this website still in development and root the room. [WWBuddy](https://tryhackme.com/room/wwbuddy) - Network Enumeration
Learn how the web works! [Web Fundamentals](https://tryhackme.com/room/webfundamentals) * Web Fundamentals
What lies under the Willow Tree? [Willow](https://tryhackme.com/room/willow) - Network Enumeration
Fall down the rabbit hole and enter wonderland. [Wonderland](https://tryhackme.com/room/wonderland) - Network Enumeration
Always so polite... [Year of the Dog](https://tryhackme.com/room/yearofthedog) - Network Enumeration
Don't underestimate the sly old fox... This room includes a competition with over $4,000 worth of prizes to celebrate TryHackMe hitting 100k members! ...
Some pigs do fly... [Year of the Pig](https://tryhackme.com/room/yearofthepig) - Network Enumeration
Time to enter the warren... [Year of the Rabbit](https://tryhackme.com/room/yearoftherabbit) - Network Enumeration
Learn about and exploit the ZeroLogon vulnerability that allows an attacker to go from Zero to Domain Admin without any valid credentials. [Zero Logon...
I made a website where you can look at pictures of dogs and/or cats! [dogcat](https://tryhackme.com/room/dogcat) - Network Enumeration
A custom webapp, introducing username enumeration, custom wordlists and a basic privilege escalation exploit. [hackerNote](https://tryhackme.com/room/...
hackt the planet * [hc0n Christmas CTF](https://tryhackme.com/room/hc0nchristmasctf) Capture the Flag navideño, para la comunidad hackplayers.
Identify the critical security flaw in the data visualization dashboard, that allows execute remote code execution. [kiba](https://tryhackme.com/room/...
Identify recent vulnerabilities to try exploit the system or read files that you should not have access to. [tomghost](https://tryhackme.com/room/tomg...
- Let's get it rolling! no answer needed - What would look more suspicious? an empty hard drive or a full hard drive?
```sh export IP=machine_ip ```
```sh export IP=10.10.13.147 ```
```sh export IP=10.10.119.227 ```