HTB Writeup – BigBang
Posted on 2025-01-28
Exploit a classic Glibc buffer overflow on PHP heaps & APK Reversing
RCE
HTB Writeup – Backfire
Posted on 2025-01-20
Exploit open-source C2s: Havoc (CVE-2024-41570) & Hardhat
HTB Writeup – EscapeTwo
Posted on 2025-01-12
Windows AD CS exploitation for Red Teaming practise with ESC4
HTB Writeup – LinkVortex
Posted on 2024-12-08
Exploit Ghost CMS 5.58.0 CVE-2023-40028 after a Git leak
HTB Writeup – Unrested
Posted on 2024-12-07
Zabbix CVE-2024-36467 (JSON RPC IDOR) & CVE-2024-42327 (SQLi)
HTB Writeup – Yummy
Posted on 2024-10-06
LFI, JWT Forgery, SQLi, Crontab abuse, Mercurial hook, Rsync privesc
HTB Writeup – Trickster
Posted on 2024-09-22
XSS + RCE for PrestaShop & exploit SSTI on ChangeDetection.io
HTB Writeup – Caption
Posted on 2024-09-15
Exploit H2 Database for Java web app & abuse Apache Thrift
HTB Writeup – Sightless
Posted on 2024-09-09
SQLPad RCE vulnerability & Froxlor exploit via Chrome remote debugging
HTB Writeup – MonitorsThree
Posted on 2024-08-25
RCE for CACTI monitor system, Auth bypass for Duplicati backup solution.