Hacking Documentation

Useful resource for CTFs, hacking challenges and more!


  • Host Discovery
    Internal and External Host Discovery - Guide and Examples

    Last Updated: September 12th 2024

    A complete guide which covers internal and external host discovery using passive and active methods. Contains in-depth explanations and examples for tools like Nmap, Netdiscover and arp-scan.

    Tags: host recon discovery scanning enumeration guide

  • MITRE ATT&CK
    MITRE ATT&CK - Reconnaissance - Active Scanning Guide and Examples

    Last Updated: September 10th 2024

    A comprehensive guide based on the techniques from the MITRE ATT&CK framework. It shows multiple examples of how the techniques can be used in the real world, coupled with an understandable technical explanation.

    Tags: MITRE ATT&CK subdomain recon active scanning enumeration guide

  • Gobuster
    Gobuster - Guide and Examples

    Last Updated: March 28th 2024

    Gobuster is a tool used to brute force URLs (directories and files) from websites, DNS subdomains, Virtual Host names and open Amazon S3 buckets. It can be particularly useful during CTF challenges that require you to brute force webserver data, but also during pentest engagements.

    Tags: gobuster bruteforce subdomain directory vhost web enumeration recon tools 80

  • Privilege Escalation
    Windows XP SP0/SP1 Privilege Escalation to System

    Last Updated: May 20th 2020

    This method of privilege escalation relies on vulnerable Microsoft services. Most services in newer Windows versions (starting from Windows XP SP2) are no longer vulnerable. Vulnerable, in this case, means that we can edit the services' parameters. This particular article focuses on the services SSDPSRV and upnphost.

    Tags: windows xp SP0 SP1 privilege escalation system upnphost SSDPSRV

  • Craft
    HackTheBox.eu - Craft

    Last Updated: February 25th 2020

    The user portion of this box revolves around the Gogs Craft API. We have to exploit an eval() vulnerability and dump a database to get the user flag. In order to gain root we have to exploit an application called Vault.

    Tags: htb hackthebox craft writeup walkthrough

  • FCrackZip
    FCrackZip - ZIP Bruteforce Guide and Examples

    Last Updated: September 10th 2024

    fcrackzip searches each zipfile given for encrypted files and tries to guess the password. All files must be encrypted with the same password; the more files you provide, the better.

    Tags: fcrackzip tutorial bruteforce tools zip

  • Jerry
    HackTheBox.eu - Jerry

    Last Updated: January 12th 2019

    Jerry was one of the easiest boxes I've done so far. It was very straightforward with no rabbit holes. Unfortunately there was no priv esc, as the user and root flag were together in the same file.

    Tags: htb hackthebox jerry writeup walkthrough

  • Netcat
    Netcat - Guide and Examples

    Last Updated: September 10th 2024

    Netcat (often abbreviated to nc) is a computer networking utility for reading from and writing to network connections using TCP or UDP. Netcat is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of connection its user could need and has a number of built-in capabilities.

    Tags: netcat guide tools network foothold scanning

  • Nikto
    Nikto - Web Scanner Guide and Examples

    Last Updated: September 10th 2024

    Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version-specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files and HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

    Tags: nikto web scanner guide tools recon 80

  • TheHarvester
    TheHarvester - Guide and Examples

    Last Updated: September 10th 2024

    TheHarvester is an OSINT tool for gathering subdomains, email addresses, open ports, banners, employee names, and much more from different public sources (Google, Bing, PGP key servers, ...). To gather this information, it performs both active and passive information gathering.

    Tags: theharvester guide osint tools recon

  • Heartbleed
    Heartbleed vulnerability

    Last Updated: November 21st 2018

    Heartbleed is a vulnerability in OpenSSL, an implementation of the widely used SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols. The flaw in OpenSSL gives an attacker the ability to extract encrypted data from TLS/SSL-secured networks.

    Tags: heartbleed ssl vulnerability openssl