HackTheBox. Прохождение Mini Pro Lab Unintended
Компания Unintended недавно перевела свою инфраструктуру на Active Directory. Руководство обеспокоено тем, что устаревшие методы и упущенные из виду ошибки конфигурации могут сдела...
Search fresh public links, source activity, and ready-to-use post angles for Hackthebox.
Fresh curated links around hackthebox are collected here so marketers can spot useful updates and turn timely ideas into posts faster.
Recent items include:
Recent curated links from global sources. Generate one free draft from any story, then use SocialBu to schedule and refine your content calendar.
Компания Unintended недавно перевела свою инфраструктуру на Active Directory. Руководство обеспокоено тем, что устаревшие методы и упущенные из виду ошибки конфигурации могут сдела...
Вам поручено провести проверку на проникновение в компанию Puppet Inc. Компания не разрешает передачу данных за пределы внутренней сети, поэтому внутри компании был создан сервер у...
Годная машина на тему Windows AD, Kerberos. В начале разведки получаем доступ к гостевой шаре. Оттуда достаем файл с паролем, но не знаем от какой учетной записи. Проводим разведку...
Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigate Entra ID attack techn...
Данный таск был активен в 6 сезоне CTF, который проходил на платформе ACLAbs. Это простая машина, однако имеет 5 флагов. Сначала раскрутим RFI до RCE, далее будем повышать привелег...
This was another pretty nice lab I took on involving an exposed content provider that we’re supposed to brute-force for a pin. In the end…Continue reading on Medium В»
A browser-based hacking simulator — build botnets, crack ciphers, and run terminal intrusion commands....
One of the biggest mistakes beginners make in cybersecurity is trying to learn entirely through theory. They watch videos. Read articles. Take notes. But never actually build a...
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end...
Hoboken-based Semperis, the identity-driven cyber resilience and crisis management company, has formed a strategic technology alliance with Hack The Box (HTB), the global leader in...
Fortunately, they were professional red teamers. Unfortunately, they pwned the network
CallMeOnTheChain — EtherRAT Lab Writeup [CyberDefenders] | by Loay SalahContinue reading on InfoSec Write-ups »
Most agent security tools focus on known jailbreak phrases or static rule-matching. That approach misses the point. A real attacker does…Continue reading on Medium »
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concep...
Hack Attack! is a real-time cybersecurity defense simulation with a dark cyberpunk aesthetic....
Agentic red-team tools designed for autonomous offensive security operations are themselves vulnerable, allowing attackers to steal API keys, weaponize the agents, escape sandboxes...
Изначально хотел написать каждый пост для отдельного задания в инфре, но некоторые задания настолько короткие, что писать там даже особо нечего, тем более подсказки в буткемпе очен...
Just a normal day. 23rd May, 2026. Wake up in the morning, pick up my friend from his house, head to the gym. Somewhere between sets, he casually mentions: "One of my client's...
UAC-0184 uses a multi‑stage malware chain that abuses bitsadmin and HTA loaders to reach a heavily obfuscated payload bundle, ultimately hiding behind signed binaries such as VSLau...
A story about stubbornness, broken sockets, and why sometimes the most educational thing you can do is break everything.Continue reading on Medium »
A newly disclosed sandbox escape technique in Anthropic’s Claude Cowork for Windows illustrates how attackers can achieve root-level command execution inside a Hyper-V–isolated Ubu...
A publicly indexed server at 198[.]245[.]53[.]26, discovered via Shodan, exposed more than simple staging files it revealed an active payload-generation backend and obfuscation too...
Use SocialBu to discover ideas, generate post drafts, and schedule them across your social channels.