Note: Writeups/Walkthroughs on this blog are published only after the particular box is retired from HackTheBox active machines.
This writeup details the exploitation of web vulnerabilities on HackTheBox Magic, including SQL injection, path manipulation, and privilege escalation.
This writeup demonstrates enumeration and exploitation of AD and certificate services on HackTheBox Fluffy, including shadow credentials and privilege escalation.
This writeup details the enumeration and exploitation of AD services on HackTheBox Administrator, including credential attacks and privilege escalation.
This writeup covers the exploitation of DPAPI and Active Directory on HackTheBox Puppy, including credential extraction and privilege escalation.
This writeup demonstrates enumeration and exploitation of AD and Windows services on HackTheBox EscapeTwo, including credential attacks and privilege escalation.