Blue/Red Reports

This section contains my Blue and Red Team reports, detailing engagements, methodologies, and findings from various security assessments. I'll update this as new reports are completed, but red teaming keeps me busy, so bear with me if I'm a bit behind!

SoulMate Report

Soulmate - Hack The Box

Soulmate was a challenging box that involved enumerating a web application, exploiting a vulnerability in CrushFTP, and leveraging an RCE in Erlang OTP SSH for root privileges.

Brutus Report

Brutus - Hack The Box

Brutus is a great introductory Sherlock challenge that sharpens your skills in log analysis and incident investigation. Identifying the brute-force, persistence via account creation, and mapping to MITRE provided valuable insights into blue team workflows.

Artificial Report

Artificial - Hack The Box

Artificial was a challenging box focused on AI model hosting vulnerabilities. It involved exploiting a TensorFlow/Keras code injection vulnerability (CVE-2024-3660) for initial access via a malicious model upload, pivoting to a user account by cracking database hashes, and escalating privileges by abusing a misconfigured Backrest backup system running as root.

Editor Report

Editor - Hack The Box

The Editor box involved exploiting a vulnerable XWiki instance for initial access via RCE, discovering credentials to pivot to a user account via SSH, and escalating to root by leveraging a PATH injection vulnerability in Netdata.

Code Report

Code - Hack The Box

The Code box from HTB is a Linux machine that focuses on web exploitation, sandbox escapes, and creative privilege escalation.

2m Report

Two Million - Hack The Box

The challenge involves exploiting an insecure API to gain an invite code, escalating privileges through a misconfigured API endpoint, achieving command injection for an initial shell, and leveraging a vulnerable OverlayFS (CVE-2023-0386) for root access.

Titanic Report

Titanic - Hack The Box

The goal of this box is to exploit an Arbitrary File Read (LFI) vulnerability to retrieve a Gitea database, crack credentials for SSH access, and escalate privileges using a vulnerable ImageMagick version (CVE-2024-41817) in a cron script.

Cap Report

Cap - Hack The Box

The box involved exploiting a web dashboard to uncover FTP credentials, gaining initial access via SSH, and escalating to root by leveraging a Python binary with elevated capabilities.

Fluffy Report

Fluffy - Hack The Box

Fluffy is a Windows machine from Hack The Box Season 8, designed to teach Active Directory (AD) pentesting techniques.

DC-4 Report

CTF Report (OffSec): DC-4

DC-4 from OffSec Proving Grounds was a challenging yet rewarding pentest lab that I recently tackled. It tested my skills in enumeration, brute-forcing, command injection, and privilege escalation.

Djinn3 Report

CTF Report (OffSec): Djinn3

The Djinn3 box from OffSec involved exploiting a Server-Side Template Injection (SSTI) vulnerability followed by privilege escalation.