DevArea htb Walkthrough
A complete HackTheBox DevArea walkthrough covering FTP enumeration, Apache CXF SSRF (CVE-2022-46364), credential extraction, Hover…
lazyhackers
Vulnlab: Baby — Medium (Linux)
Full security assessment walkthrough for Baby on Vulnlab. Includes reconnaissance, enumeration, exploitation steps, and a professi…
lazyhackers
Vulnlab: Escape — Easy (Windows)
Full security assessment walkthrough for Escape on Vulnlab. Includes reconnaissance, enumeration, exploitation steps, and a profes…
lazyhackers
Vulnlab: Sweep — Medium (Windows)
Full security assessment walkthrough for Sweep on Vulnlab. Includes reconnaissance, enumeration, exploitation steps, and a profess…
lazyhackers
HackTheBox Pro Lab: Push — CI/CD Pipeline Exploitation & Container Escape
Full walkthrough of HackTheBox Push Pro Lab — exploiting Gitea open registration, Drone CI pipeline injection, Docker socket conta…
lazyhackers
HackTheBox Pro Lab: Sidecar — Kubernetes SSRF, Service Mesh Abuse & AD Compromise
Complete walkthrough of HackTheBox Sidecar Pro Lab — exploiting SSRF to steal Kubernetes service account tokens, abusing Istio sid…
lazyhackers
HackTheBox Pro Lab: Tengu — .NET Deserialization, Neo4j Cypher Injection & Unconstrained Delegation
Full walkthrough of HackTheBox Tengu Pro Lab — exploiting ASP.NET ViewState deserialization for RCE, Neo4j Cypher injection to ext…
lazyhackers
HackTheBox Pro Lab: Kaiju — Apache Struts2 RCE, Exchange ProxyShell & ADCS ESC1 Domain Takeover
Full walkthrough of HackTheBox Kaiju Pro Lab — Apache Struts2 RCE for initial access, Jenkins credential pivot, Exchange ProxyShel…
lazyhackers
HackTheBox Pro Lab: Tea — Gitea RCE, Ansible Vault Decryption & AD CS Shadow Credentials
Full walkthrough of HackTheBox Tea Pro Lab — exploiting a Gitea CVE for unauthenticated RCE, decrypting Ansible Vault secrets for …
lazyhackers