The Forest Windows box retired this weekend on HackTheBox. Getting user was quite straight forward but escalating privileges was a little more compricated. We’ll have a look at BloodHound for that last step, it’s an open source tool that I use a lot for work now and that I can’t recommend enough. 1: Recon First, I do the usual nmap scan I start with on all boxes: nmap -A -T5 10.

The Bastion Windows box retired this weekend on HackTheBox. It was a Windows box, quite easy to solve but learned a lot along the way. It’s my first write-up of a HTB box so it might not be the best but hopefully it will be a nice summary! We learn about SMB, mounting VHD in Linux, stealing Windows hashes, cracking them with John, and exploiting a program for Privesc. 1: Recon First, I do the usual nmap scan I start with on all boxes: nmap -A -oN nmap-bastion.

This page will be a completely chaotic list of tools, articles, and resources I use regularly in Pentesting and CTF situations. My goal is to update this list as often as possible with examples, articles, and useful tips. It will serve as a reference for myself when I forget things and hopefully help other to discover tools that they haven’t used. If you know of more tools or find a mistake, please contact me on Twitter or by email (links above).