Recent posts

HackTheBox Writeup: Sniper

Sniper was a medium rated Windows machine that relied on a RFI vulnerability to load an attacker-hosted php webshell which could be used to obtain a low privileged shell on the machine. From

HackTheBox Writeup: Forest

Forest was an easy rated Windows machine and was a great opportunity for me to practice attacks I had only read about up until now. The initial foothold was gained by enumerating user

HackTheBox Writeup: Postman

Postman was an easy rated box which was a short and fun romp. A vulnerability in redis lead to a low privilege shell then a ssh private key with a weak passphrase allowed

Review: Slayer Labs

While taking the PWK course, I immersed myself in the student labs for many hours a day just hacking away and learning. After passing the exam and finishing my lab time, there was

HackTheBox Writeup: Scavenger

Scavenger was a hard rated box which was very frustrating at times due to a crazy amount of rabbitholes. In the end though, I think it was a pretty realistic box that tested