$ ls -la ./ctf/

CTF Writeups

Detailed walkthroughs for HackTheBox and TryHackMe machines — covering web exploitation, privilege escalation, OSINT, and more.

platform:
difficulty:
ctf/hackthebox-forest.md HTB
Medium Active Directory May 30, 2026

Forest — HackTheBox

Forest goes from an anonymous LDAP session to Domain Admin via AS-REP roasting and an ACL-abuse chain that ends in DCSync. A perfect walkthrough of why Active Directory attack paths are about permissions, not just passwords.

ctf/hackthebox-active.md HTB
Easy Active Directory Apr 26, 2026

Active — HackTheBox

Active is a textbook AD box: an anonymously readable SYSVOL share leaks a GPP-encrypted service-account password, which is Kerberoasted into a full Domain Admin compromise. Two legacy misconfigurations, total takeover.

ctf/hackthebox-lame.md HTB
Easy Network Feb 14, 2025

Lame — HackTheBox

One of HackTheBox's original machines. A classic Samba usermap_script vulnerability leads to unauthenticated remote code execution and immediate root access — perfect for understanding how legacy services get exploited.

ctf/tryhackme-owasp-juice-shop.md THM
Easy Web Jan 08, 2025

OWASP Juice Shop — TryHackMe

A full walkthrough of OWASP Juice Shop on TryHackMe — demonstrating SQL injection, XSS, broken authentication, and IDOR vulnerabilities in a modern Node.js web application.

ctf/hackthebox-blue.md HTB
Easy Network Dec 20, 2024

Blue — HackTheBox

Blue exploits MS17-010 (EternalBlue) — the NSA exploit leaked by Shadow Brokers that powered WannaCry. A textbook demonstration of why unpatched Windows systems are catastrophically dangerous.