All Walkthroughs

Browse through our comprehensive collection of CTF walkthroughs and security writeups

Showing walkthrough

Jeeves - HackTheBox
HackTheBox Medium
Jan 18, 2026 5 min read

Jeeves - HackTheBox

Medium-difficulty Windows box featuring unauthenticated Jenkins exploitation via Groovy Script Console, followed by SeImpersonatePrivilege abuse with JuicyPotato for privilege escalation. Root flag hidden in NTFS Alternate Data Streams.

#Alternate Data Streams #Jenkins #Juicy-Potato #SeImpersonatePrivilege #Web
Read more
Fluffy - HackTheBox
HackTheBox Easy
Jan 16, 2026 15 min read

Fluffy - HackTheBox

Easy-difficulty Windows Active Directory box featuring CVE-2025-24071 SMB coercion for initial access, Shadow Credentials attacks via GenericWrite abuse for lateral movement, and ADCS ESC16 exploitation for privilege escalation to Domain Admin.

#Active Directory #BloodHound #CVE-2025-24071 #Certificate Abuse #ESC16
Read more
Mindgames - TryHackMe
TryHackMe Medium
Jan 09, 2026 5 min read

Mindgames - TryHackMe

Medium-difficulty Linux box featuring RCE through Brainfuck-encoded Python execution, followed by automated enumeration and privilege escalation via CVE-2021-4034 (PwnKit).

#Brainfuck #Linux #PwnKit #Python #RCE
Read more
Safezone - TryHackMe
TryHackMe Medium
Dec 20, 2025 10 min read

Safezone - TryHackMe

Medium Linux CTF combining Apache log poisoning, authentication bruteforcing, command injection filter bypass, and creative sudo exploitation. Multiple privilege escalation paths from web to root.

#Command Injection #Linux #Log Poisoning #Web
Read more
Imagery - HackTheBox
HackTheBox Medium Locked
Dec 18, 2025 10 min read

Imagery - HackTheBox

A medium-rated Linux machine, designed to provide hands-on experience with specific web application vulnerabilities(XSS, LFI, OS command Injection) and privilege escalation techniques.

#Linux #Web
Read more