This room exploits an open-source Youtube video download tool using an interesting injection method. It also includes some common linux privilege escalation methods.

This room covers the famous Ghostcat CVE vulnerability to gain an initial access shell on the remote machine alongside an interesting ASC and GPG privilege escalation technique.

This room is designed for beginners and mimics a CTF-like scenario including basics like port scanning, enumeration, SQL Injection and even some simple privilege escalation tactics.

You have been contracted by UltraTech. It’s a grey-box kind of assessment. The only information you have is the company's name and their server's IP address.

In this room, you will perform a full penetration test. The goal is to find and report all the vulnerabilities and give advice on how to patch them - also a good lesson on rabbit holes.

In this room, we will compromise a Joomla CMS account via SQL Injection, practice cracking hashes and escalate your privileges by taking advantage of yum with sudo privileges.

In this room, we will cover using Gobuster on a website, using SMBclient and SMBMap to enumerate shares and exploiting a CMS RFI vulnerability as well as wildcard privilege escalation.

In this room, we will cover SQLi and how to exploit it both manually and via using SQLMap, cracking hashes, using SSH tunnels and Metasploit.

In this room, we will cover brute-forcing account credentials, handling public exploits, using the Metasploit framework and privilege escalation on Windows.

In this room you will enumerate a Windows machine, gain initial access with Metasploit, use Powershell to further enumerate the machine and escalate your privileges to Administrator.

In this room, we will walk through a variety of Linux Privilege Escalation techniques - ranging from weak file permissions and cron jobs to environment variables and SUID executables

In this room, we will walk through a variety of Linux Privilege Escalation techniques - ranging from weak file permissions and cron jobs to environment variables and SUID executables

In this room, we will walk through a basic machine using various techniques from scanning with nmap, directory busting with Gobuster and utilizing some privilege escalation techniques.

In this room, we will walk through a variety of Linux Privilege Escalation techniques - ranging from weak file permissions and cron jobs to environment variables and SUID executables