Scape is a Medium Windows AD machine. It starts with an SMB share exposing a PDF containing MSSQL credentials. The attacker forces MSSQL to authenticate and captures a crackable hash. With these cr...

The net command is a command-line tool that enables the management and configuration of various services and network resources. This cheat sheet includes the net commands that I find particularly u...

Builder is a Medium HTB machine where we exploit Jenkins CVE-2024-23897, which allows us to read files on the server. We can retrieve user credentials by enumerating Jenkins configuration files, cr...

In this post, we're resolving Sauna Machine from HackTheBox, where we'll deal with an Active Directory environment. We will exploit AS-REP Roasting on a domain account, reading autologon credential...