Note: Writeups/Walkthroughs on this blog are published only after the particular box is retired from HackTheBox active machines.
This writeup describes the exploitation of FTP and web services on HackTheBox Netmon, including anonymous access and privilege escalation.
This writeup details the exploitation of web vulnerabilities on HackTheBox Magic, including SQL injection, path manipulation, and privilege escalation.
This writeup demonstrates enumeration and exploitation of AD and certificate services on HackTheBox Fluffy, including shadow credentials and privilege escalation.
This writeup details the enumeration and exploitation of AD services on HackTheBox Administrator, including credential attacks and privilege escalation.
This writeup covers the exploitation of DPAPI and Active Directory on HackTheBox Puppy, including credential extraction and privilege escalation.