ARZ101Vulnlab — HeronHeron from vulnlab, had a linux jump server access to domain controller, using chisel for socks proxy, enumerating the internal website…3d ago3d ago
ARZ101Vulnlab — TenguTengu, a medium rated chained machine from vulnlab consisting of two windows and one linux host, had an instance node-red running on linux…Sep 19Sep 19
ARZ101Vulnlab — PhantomPhantom involved enumerating shares to find an email with a password, enumerating domain users by bruteforcing SIDs, password spraying to…Jul 22Jul 22
ARZ101Vulnlab — KlendathuKlendathu, an insane rated machine involved enumerating nfs share containing a configuration file with password hash of domain user, this…Jul 9Jul 9
ARZ101Vulnlab — LockLock is a basic windows machine which involved enumerating the gitea repository to find a Personal Access Token (PAT), through which it…Jul 1Jul 1
ARZ101Vulnlab — SendaiSendai involved enumerating usernames through smb shares having password expired, resetting their password, belonging to Support group they…May 10May 10
ARZ101Vulnlab — VigilantVigilant a hard rated chained machine involved enumerating smb shares to find an encrytped pdf file, analyzing the ADAudit dll file to…Apr 30Apr 30
ARZ101Vulnlab — KaijuKaiju is a hard rated AD chain, involved enumerating FTP server with default credentials to find filezilla configuration file having the…Mar 31Mar 31
ARZ101HackTheBox — ReboundRebound involved performing as-rep roasting by bruteforcing domain users SIDs, then kerberoasting ldap_monitor account with…Mar 29Mar 29
ARZ101Vulnlab — SidecarSidecar, a similar AD chained like intercept, involved getting a shell through a lnk file, relaying authentication from WS01 by enabling…Mar 2Mar 2