# Writeups and Walkthroughs
## Try Hack Me (THM)

tryhackme.com - © TryHackMe

### Rooms * [OWASP](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/owasp) #### Active Directory * [Active Directory Basics](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/active-directory-basics) (This room will introduce the basic concepts and functionality provided by Active Directory) * [AD: Basic Enumeration](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/ad-basic-enumeration) (This room covers various Active Directory enumeration techniques, their use cases as well as drawbacks) * [Enumerating Active Directory](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/enumerating-active-directory) (This room covers various Active Directory enumeration techniques, their use cases as well as drawbacks) * [Breaching Active Directory](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/breaching-active-directory) (This network covers techniques and tools that can be used to acquire that first set of AD credentials that can then be used to enumerate AD) * [Attacking Kerberos](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/attacking-kerberos) (Learn how to abuse the Kerberos Ticket Granting Service inside of a Windows Domain Controller) * [Attacktive Directory](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/attacktive-directory) (99% of Corporate networks run off of AD. But can you exploit a vulnerable Domain Controller?) * [Exploiting Active Directory](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/exploiting-active-directory) (Learn common AD exploitation techniques that can allow you to reach your goal in an AD environment) * [Post-Exploitation Basics ](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/post-exploitation-basics)(Learn the basics of post-exploitation and maintaining access with mimikatz, bloodhound, powerview and msfvenom) * [Lateral Movement and Pivoting](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/lateral-movement-and-pivoting) (Learn about common techniques used to move laterally across a Windows network). ### CTFs * [RootMe](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/rootme) * [Simple CTF](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/simple-ctf) * [Eternal Blue](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/eternal-blue) * [Vulnversity](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/vulnversity) * [Pickle Rick](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/pickle-rick) * [Brooklyn Nine Nine](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/brooklyn-nine-nine) * [Kenobi](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/kenobi) * [Bounty Hacker](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/bounty-hacker) * [Overpass](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/overpass) * [LazyAdmin](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/lazyadmin) * [Ignite](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/ignite) * [Bolt](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/bolt) * [Agent Sudo](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/agent-sudo) * [Startup](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/startup) * [Wgel](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/wgel) * [Blog](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/blog) * [ColdBox](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/coldbox) * [Lian\_Yu](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/lian_yu) * [Blaster](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/blaster) * [Ice](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/ice) * [The Sticker Shop](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/thm/the-sticker-shop) *** ## Hack The Box (HTB)

hackthebox.com - © HACKTHEBOX

* [Devel](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/devel) * [Delivery](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/delivery) * [Active](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/active) * [Analytics](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/analytics) * [Bashed](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/bashed) * [Valentine](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/valentine) * [Sau](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/sau) * [Sunday](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/sunday) * [Cap](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/cap) * [Bizness](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/hackthebox/bizness) * Chemistry - OnGoing * Celestial - OnGoing * Poison - OnGoing *** ## VulnHub

https://www.vulnhub.com/

* [Brainpain (BoF)](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/vulnhub/brainpain-bof) *** ## Vulnix

© VulNyx

* Admin ## DockerLabs

https://dockerlabs.es/

* [Trust](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dockerlabs/trust) * [Upload](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dockerlabs/upload) * [Vacaciones](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dockerlabs/vacaciones) *** ## HomeMade Labs 🏠🔬 * [Active Directory](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/homemade-labs/active-directory) * [Pivoting](https://app.gitbook.com/o/s2H3MdEB0Qp2IbE58Gxw/s/rRWtuMw6xkkeDjZfkcWC/~/changes/174/homemade-labs/pivoting) * [Buffer Overflow (BoF)](https://app.gitbook.com/o/s2H3MdEB0Qp2IbE58Gxw/s/rRWtuMw6xkkeDjZfkcWC/~/changes/174/homemade-labs/buffer-overflow-bof) *** ## WAPT ### Portswigger Web Security Academy

@PortSwigger Ltd

[PortSwigger - Web Security Academy (My Walkthrough)](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/portswigger-web-security-academy) *** ### DVWA

https://github.com/digininja/DVWA

* [Install and configure DVWA](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dvwa/install-and-configure-dvwa) * [Command Injection](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dvwa/command-injection) * [Cross Site Request Forgery (CSRF)](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dvwa/csrf) * [File Inclusion (LFI + RFI)](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dvwa/file-inclusion) * [SQL Injection (SQLi)](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/dvwa/sql-injection) *** ### OWASP - Mutillidae II

https://owasp.org/www-project-mutillidae-ii/

* [Install & configure OWASP Mutillidae II](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/mutillidae-ii/install-and-configure-owasp-mutillidae-ii) * [SQL Injection (SQLi)](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/mutillidae-ii/sqli) * [Command Injection](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/mutillidae-ii/command-injection) * [IDOR & File Inclusion](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/mutillidae-ii/idor-and-file-inclusion) * [Cross-Site Scripting (XSS)](https://dev-angelist.gitbook.io/writeups-and-walkthroughs/mutillidae-ii/xss) *** ### OWASP - SecureBank

https://owasp.org/www-project-securebank/

* Install and configure OWASP Secure Bank