Offsec

It consists of machines I did for the OSCP exam preperation and also HackTheBox writeups.

131/168 done.

Active boxes and Fortresses are password protected.

Useful Links

• ippsec.rocks
• kashz-jewel - like Hacktricks
• revshells - generate reverse shells easily
• OSCP preperation notes - super useful list of commands in case you forgot how to run
• Windows cheetsheet
• Windows file transfer methods
• PowerView tips and tricks
• Exploitdb Bin Sploits - pre-compiled list of exploitdb binaries

Active Directory

• WADComs - GTFOBin for AD
• Active Directory cheetsheet

Some good articles to read for OSCP preperation

• OSCP — CRACKING THE NEW PATTERN
• OSCP 2022 — Tips To Help You Pass: K.I.S.S.

HTB Machine Summary and Mock Exam Generator

• Offsec Machine Summary - It can generate random machines to do as mock exam. Machines are from HackTheBox, Proving Grounds and PWK Lab.

HTB CBBH Preperation

• CBBH Prep

HackTheBox writeups

tjnull Linux boxes

• [x] Lame
• [x] brainfuck
• [x] shocker
• [x] bashed
• [x] nibbles
• [x] beep
• [x] cronos
• [x] nineveh
• [x] sense
• [x] solidstate
• [x] node
• [x] valentine
• [x] poison
• [x] sunday
• [x] tartarsauce
• [ ] lrked
• [x] Friendzone
• [x] Swagshop
• [x] Networked
• [x] jarvis
• [ ] Mirai
• [ ] Popcorn
• [x] Haircut
• [x] Blocky
• [x] Frolic
• [x] Postman
• [x] Mango
• [x] Traverxec
• [x] OpenAdmin
• [x] Magic
• [x] Admirer
• [x] Blunder
• [x] Tabby
• [x] Doctor
• [ ] SneakyMailer
• [ ] Passage
• [ ] Luanne
• [ ] Time
• [x] Ready
• [x] Delivery
• [x] Ophiuchi
• [x] ScriptKiddie
• [x] Armageddon
• [x] Knife
• [x] Pit
• [x] Seal
• [x] Previse
• [x] Forge
• [x] Horizontall
• [x] Shibboleth
• [x] Paper
• [x] Meta

tjnull Window boxes

• [x] legacy
• [x] Blue
• [x] Devel
• [x] Optimum
• [x] Bastard
• [x] granny
• [x] Arctic
• [x] grandpa
• [x] silo
• [x] bounty
• [x] jerry
• [x] conceal
• [x] chatterbox
• [x] Forest (Active Directory)
• [ ] BankRobber
• [x] secnotes
• [x] Suana (Active Directory)
• [ ] Bastion
• [ ] Buff
• [ ] Servmon
• [x] Active (Active Directory)
• [ ] Remote
• [ ] Fuse
• [ ] Omni
• [x] Worker
• [ ] Love
• [ ] Intelligence (Active Directory)
• [ ] APT
• [ ] Object (Active Directory)
• [ ] Support
• [ ] Acute
• [x] Timelapse (Active Directory)
• [x] StreamIO (Active Directory)
• [x] Scrambled (Active Directory)
• [x] Resolute (Active Directory)
• [x] Cascade (Active Directory)

Other boxes

• [x] Ambassador
• [x] MetaTwo
• [x] Photobomb
• [x] RedPanda
• [x] Shoppy
• [x] UpDown
• [x] Stocker
• [x] Soccer
• [x] Precious
• [x] Investigation
• [x] Awkward
• [x] Forgot
• [x] Mentor
• [x] Encoding
• [x] BroScience
• [x] Ransom
• [x] SteamCloud
• [x] Tenet
• [x] Apocalyst
• [x] Backdoor
• [x] Inject
• [x] Agile
• [x] Bagel
• [x] Escape
• [x] Interface
• [x] Vessel
• [x] Pollution
• [x] Academy
• [x] BountyHunter

Fortresses

• [x] Akerva

Proving Grounds

Linux

• [x] ClamAV
• [x] Wombo
• [ ] ~~Payday~~ (retried - can read writeup here)
• [x] Fail
• [x] Nibbles
• [x] Banzai
• [x] Hunit
• [x] Dibble
• [x] Zino
• [x] Hetemit
• [x] Peppo
• [ ] Postfish
• [x] Malbec
• [x] Sybaris
• [ ] ~~Hawat~~ (retried - can read writeup here)
• [x] ZenPhoto
• [x] Readys
• [x] Nukem
• [x] Sorcerer
• [x] Pelican
• [x] Snookums
• [x] Exfiltrated
• [x] Walla
• [x] Voip
• [x] ERP
• [x] Depreciated
• [x] Wheels

Windows

• [x] Nickel
• [x] Slort
• [x] Authby
• [x] Jacko
• [x] MeatHead
• [x] UT99
• [x] MedJed
• [ ] ~~Algeron~~ (retried - can read writeup here)
• [x] Billyboss
• [ ] ~~Kevin~~ (retried - can read writeup here)
• [ ] ~~Metallus~~ (retried)
• [x] Hutch (Active Directory)
• [x] Heist (Active Directory)
• [ ] Vault (Active Directory)
• [x] Shenzi
• [x] DVR4
• [x] Craft
• [ ] ~~Hepet~~ (retried)
• [x] Squid
• [ ] ~~compromised~~ (retried - can read writeup here)
• [ ] ~~robust~~ (retried)
• [x] resourced (Active Directory)
• [x] Craft2
• [x] Access (Active Directory)

Harder Boxes

• [x] Bratarina - Linux
• [x] Internal - Windows
• [x] Clyde - Linux
• [ ] Vector
• [ ] Shifty
• [x] XposedAPI - Linux
• [x] Helpdesk - Windows
• [x] Twiggy - Linux
• [ ] ~~Pebbles~~ (retried - can read writeup here) - Linux
• [ ] ~~Panic~~ (retired - buffer overflow)
• [ ] CookieCutter
• [x] Tico - Linux
• [ ] Zipper
• [ ] Thor

Active Directory practice

• [x] THM: Attacktive Directory
• [x] THM: Hacking Active Directory
  • draw.io diagram to understand the AD attack easier
• [ ] Active Directory 101 by HackTheBox

• Pentesting Active Directory Cheatsheet

Scripts

Privilege escalation

• jailbreak-rbash - command to find out what commands are available that has a potential of spawning a proper shell, commands are taken from GTFOBins with +Shell