Offsec

It consists of machines I did for the OSCP exam preperation and also HackTheBox writeups.

131/168 done.

Active boxes and Fortresses are password protected.

Useful Links

• ippsec.rocks
• kashz-jewel - like Hacktricks
• revshells - generate reverse shells easily
• OSCP preperation notes - super useful list of commands in case you forgot how to run
• Windows cheetsheet
• Windows file transfer methods
• PowerView tips and tricks
• Exploitdb Bin Sploits - pre-compiled list of exploitdb binaries

Active Directory

• WADComs - GTFOBin for AD
• Active Directory cheetsheet

Some good articles to read for OSCP preperation

• OSCP — CRACKING THE NEW PATTERN
• OSCP 2022 — Tips To Help You Pass: K.I.S.S.

HTB Machine Summary and Mock Exam Generator

• Offsec Machine Summary - It can generate random machines to do as mock exam. Machines are from HackTheBox, Proving Grounds and PWK Lab.

HTB CBBH Preperation

• CBBH Prep

HackTheBox writeups

tjnull Linux boxes

• Lame
• brainfuck
• shocker
• bashed
• nibbles
• beep
• cronos
• nineveh
• sense
• solidstate
• node
• valentine
• poison
• sunday
• tartarsauce
• lrked
• Friendzone
• Swagshop
• Networked
• jarvis
• Mirai
• Popcorn
• Haircut
• Blocky
• Frolic
• Postman
• Mango
• Traverxec
• OpenAdmin
• Magic
• Admirer
• Blunder
• Tabby
• Doctor
• SneakyMailer
• Passage
• Luanne
• Time
• Ready
• Delivery
• Ophiuchi
• ScriptKiddie
• Armageddon
• Knife
• Pit
• Seal
• Previse
• Forge
• Horizontall
• Shibboleth
• Paper
• Meta

tjnull Window boxes

• legacy
• Blue
• Devel
• Optimum
• Bastard
• granny
• Arctic
• grandpa
• silo
• bounty
• jerry
• conceal
• chatterbox
• Forest (Active Directory)
• BankRobber
• secnotes
• Suana (Active Directory)
• Bastion
• Buff
• Servmon
• Active (Active Directory)
• Remote
• Fuse
• Omni
• Worker
• Love
• Intelligence (Active Directory)
• APT
• Object (Active Directory)
• Support
• Acute
• Timelapse (Active Directory)
• StreamIO (Active Directory)
• Scrambled (Active Directory)
• Resolute (Active Directory)
• Cascade (Active Directory)

Other boxes

• Ambassador
• MetaTwo
• Photobomb
• RedPanda
• Shoppy
• UpDown
• Stocker
• Soccer
• Precious
• Investigation
• Awkward
• Forgot
• Mentor
• Encoding
• BroScience
• Ransom
• SteamCloud
• Tenet
• Apocalyst
• Backdoor
• Inject
• Agile
• Bagel
• Escape
• Interface
• Vessel
• Pollution
• Academy
• BountyHunter

Fortresses

• Akerva

Proving Grounds

Linux

• ClamAV
• Wombo
• Payday (retried - can read writeup here)
• Fail
• Nibbles
• Banzai
• Hunit
• Dibble
• Zino
• Hetemit
• Peppo
• Postfish
• Malbec
• Sybaris
• Hawat (retried - can read writeup here)
• ZenPhoto
• Readys
• Nukem
• Sorcerer
• Pelican
• Snookums
• Exfiltrated
• Walla
• Voip
• ERP
• Depreciated
• Wheels

Windows

• Nickel
• Slort
• Authby
• Jacko
• MeatHead
• UT99
• MedJed
• Algeron (retried - can read writeup here)
• Billyboss
• Kevin (retried - can read writeup here)
• Metallus (retried)
• Hutch (Active Directory)
• Heist (Active Directory)
• Vault (Active Directory)
• Shenzi
• DVR4
• Craft
• Hepet (retried)
• Squid
• compromised (retried - can read writeup here)
• robust (retried)
• resourced (Active Directory)
• Craft2
• Access (Active Directory)

Harder Boxes

• Bratarina - Linux
• Internal - Windows
• Clyde - Linux
• Vector
• Shifty
• XposedAPI - Linux
• Helpdesk - Windows
• Twiggy - Linux
• Pebbles (retried - can read writeup here) - Linux
• Panic (retired - buffer overflow)
• CookieCutter
• Tico - Linux
• Zipper
• Thor

Active Directory practice

• THM: Attacktive Directory
• THM: Hacking Active Directory
  • draw.io diagram to understand the AD attack easier
• Active Directory 101 by HackTheBox

• Pentesting Active Directory Cheatsheet

Scripts

Privilege escalation

• jailbreak-rbash - command to find out what commands are available that has a potential of spawning a proper shell, commands are taken from GTFOBins with +Shell