Voleur is a medium difficulty active directory box. It is an assumed breach machine which means we start with some credentials which we can use to ...

Cypher is a medium difficulty Linux box. This machine only has two open TCP ports which are SSH and HTTP. The website presents with a description o...

Cronos is a medium difficulty Linux machine. This box has only three TCP ports open; SSH, HTTP and DNS. DNS is configured in such a way that we are...

Certified is a medium difficulty box. This is an assumed breach scenario, therefore, we start with some credentials for the judith user. This user ...

Puppy is a medium active directory Windows machine. We are given credentials for a low privilege user, levi.james, which we can use to start enumer...

Delivery is an easy Linux machine. An initial port scan reveals three tcp ports open. Port 80 has a website running which directs us to an OSTicket...

Soccer is an easy Linux machine. It has three ports open one of which is a webpage that contain a tiny file manager instance running. Using default...

Instant is a medium Linux box. We are given an apk file which we can extract to view its source code. Inside this code we see that it is making API...

Builder is a medium Linux box. The machine only has two ports open one of which is an open Jenkins portal. This version of Jenkins is vulnerable to...

This machine was quite hard for me. I learned a lot about exploiting ruby data serialization and finding information inside of pdf files with exif...