Throughout this room, we'll be looking at alternative modes of exploitation without the use of Metasploit or really exploitation tools in general beyond nmap and dirbuster.

Brainpan is perfect for OSCP practice and has been highly recommended to complete before the exam. Exploit a buffer overflow vulnerability by analyzing a Windows executable on a Linux machine.

This room exploits an open-source Youtube video download tool using an interesting injection method. It also includes some common linux privilege escalation methods.

This room covers the famous Ghostcat CVE vulnerability to gain an initial access shell on the remote machine alongside an interesting ASC and GPG privilege escalation technique.

This room exploits a vulnerable FTP port left open, exposing a script that can be overwritten. Privilege escalation is also included using the famous GTFOBins to gain a root shell.

Lazy admins are a hacker’s best friend. This room includes using the SweetRice exploit, peering into an unsecured MySQL backup, and a priv esc tactic of rewriting a script file.

This room includes some interesting techniques like fuzzing subdomains, exploiting Gila CMS upload features and an interesting priv esc technique using tar and the checkpoint feature.

This room is designed for beginners and mimics a CTF-like scenario including basics like port scanning, enumeration, SQL Injection and even some simple privilege escalation tactics.

You have been contracted by UltraTech. It’s a grey-box kind of assessment. The only information you have is the company's name and their server's IP address.

You have been assigned to a client that wants a penetration test conducted on an environment due to be released to production in three weeks. Can you hack it?

In this room you will enumerate a Windows machine, gain initial access with Metasploit, use Powershell to further enumerate the machine and escalate your privileges to Administrator.

In this room, we will walk through a variety of Linux Privilege Escalation techniques - ranging from weak file permissions and cron jobs to environment variables and SUID executables

This room covers the most important tool a hacker can learn - Nmap. You will learn different types of scans, scripts and firewall evasion