These labs feature vulnerable machines and past CTFs, providing an environment for me to apply my theoretical knowledge and practical skills to real-world scenarios. Through my engagement with these labs, I have been able to deepen my understanding of cybersecurity concepts, gain hands-on experience in identifying and exploiting vulnerabilities, and develop strategies for effective threat mitigation.
Total labs: 143
VulnLab
Baby: AD machine with LDAP enumeration and SeBackupPrivilege exploit
Baby2: AD machine with logon script and GPO abuse
Breach: AD machine with NTLM hash capture and silver ticket attack
Sendai: AD machine with ReadGMSAPassword, service discover and certificate privilege escalation
HackSmarter
Arasaka: AD machine Keberoasting, GenericWrite, GenericAll & Certificate ESC1 abuse
Welcome: GenericAll & Certificate ESC1 abuse
Ascension: Linux Cron, capabilities PE
ShareThePain: Catching hashes & MSSQL abuse
VulnHub
Infosec Prep: OSCP : Simple introductory machine
GreenOptic: 1 : LFI exploit , Network and Wireshark machine
Corrosion: 1 : LFI and log poisoning exploit
billu: b0x : Local file read & phpmy exploit
RickdiculouslyEasy :1 : Command Injection & sudo exploit
So Simple : 1 : WordPress vulnerability exploit
PNPT Academy : CMS exploit
PNPT : Dev : Boltwire exploit
PNPT : Black Pearl : dnsrecon & Navigate CMS exploit
Dina: 1.0.1 : playsms machine
ICMP: 1 : Monitorr & Hping3 exploit
Dripping Blues: 1 : Polkit exploit
FristiLeaks: 1.3 : Decryption & SUID exploit
My CMSMS: 1 : CMS MS exploit
W34kn3ss: 1 : OpenSSL exploit
Bob: 1.0.1 : webshell command injection bypass
Pwned: 1 : Directory enumeration & docker exploit
HA: Wordy : WordPress command injection and SUID exploit
Funbox: 1 : WordPress & Cronjob exploit
Vegeta: 1 : Steganography based box
Djinn : 1 : Command Injection bypass & sudo exploit
PwnLab: init : Upload bypass and binary exploit
Inclusiveness : 1 : LFI exploit
Cybersploit : 1 : Decryption and outdated kernel machine
EVM: 1 : Simple wordpress exploit
Photographer : 1 : Koken CMS exploit
BBS (cute): 1.0.2 : CuteNews exploit
Kioptrix 1 : apache mod_ssl and samba 2.2 exploits
Born2Root: 1 : cronjob and bruteforce exploit
DC: 1 : Drupal exploit box
DC:2 : WordPress box
DC: 3.2 : Joomla! and Linux kernel exploit
DC: 4 : Burpsuite bruteforce, command injection and tee exploit
DriftingBlues:6 : Textpattern and Dirtycow exploit
Evilbox : Website parameter and write permissions exploits
Potato : PHP Type Juggling & LFI machine
Lampiao : 1 : Drupal & Linux Kernel 2.6.22 < 3.9 – ‘Dirty COW exploit
Funbox: Scriptkiddie : ProFTPd exploit
Funbox : Easy : Web exploit machine
Funbox : Rookie : FTP exploit machine
Funbox : EasyEnum : Enumeration machine
Sunset: Midnight : WordPress & SUID exploit
Sunset : Noontide : Unreal IRC exploit
Sunset : Dawn : SMB enumeration & cronjob exploit
Sunset : Decoy : chrootkit exploit
Sumo : 1 : Shellshock and Dirty Cow exploit
Gaara : Thorough enumeration and decryption box
Cybersploit 1 : Ubuntu 12.04.5 exploit
HACLABS: NO_NAME CTF : Command injection vulnerability
Quaoar : Hackfest 2016 CTF
Deathnote : Straight forward box
Ripper 1 : Web application testing & enumeration
Tophatsec Freshly : Find the secret hidden in a sensitive file
Mercury : SQLmap
c0ldBox : WordPress machine
Jagnow 1.0.1 : Enumeration
FUNBOX: LUNCHBREAKER CTF : Machine using bruteforce
Pentester Lab: From SQL injection to Shell
Lin.Security:1 NFS exploit
Driftingblues : EyesOfNetwork exploit
HackTheBox
Cicada : SeBackupPrivilege escalation
Bashed : scriptmanager exploit
Builder : Jenkins CVE-2024-23897 exploit
Netmon : PRTG RCE exploit
Blackfield : ForceChangePassword and SeBackupPrivilege exploit
Bastion : Mount & exploit mRemoteNG
Heist : Cisco and Firefox memory dump exploit
Bastard : Drupal 7 & Kernel exploit
Armageddon : Drupal exploit
Querier : mssql exploit
Jeeves : Jenkins & Potato Exploit
Sauna : Active Directory DCSync attack
Access : Telnet & Runas exploit
Resolute : DNSadmin group exploit
SecNotes : WSL exploit
Active : Easy Active directory machine
Chatterbox : Achat Buffer Overflow Exploit
Nibbles : Nibbleblog exploit
Forest : RPC, GenericALL, WriteDacl exploits
Previse : Web intercept exploit
Artic : ADOBE Coldfusion 8 & MS-059 Exploit
Shocker : Shellshock exploit
Blocky : Password reuse exploit
Knife : PHP RCE
Sense : Pfsense webserver exploit
Irked : IRC exploit
Buff : Exploit using port forwarding
Mirai : IoT exploit
Networked : File Image exploit
Valentine : Heartbleed exploit
Devel : MS11-046 exploit
Beep : LFI enumeration and webmin exploit
Timelapse : Exploiting using SMB and LAPS
Tier 0 : Starting Point Machine
Tier 1 : Starting Point Machine
Optimum : Windows 2012 R2 Server exploit
Return : Windows Printer service exploit
Jerry : Apache tomcat code execution exploit
Blue : Eternal Blue SMB exploit
Lame : Samba Username map script
Cap : Wireshark recon
Granny : IIS 6.0 Vulnerability code execution
Legacy : MS08-067 exploit
Grandpa : IIS 6.0 Vulnerability code execution
TryHackMe
Mr Robot : Based on the Mr. Robot show
GamingServer : Boot2Root box for beginners
Startup : Abuse traditional vulnerabilities via untraditional means
Gallery : Exploit our image gallery system
Fowsniff : Boot2Root machine
Tomghost : Identify recent vulnerabilities to try exploit the system
Lian yu : Arrowverse themed beginner CTF
Pickle Rick : Exploit a webserver
Simple : Beginner level ctf
Attacktive Directory : Active Directory
Alfred : Jenkins and Token Impersonation exploit
Brains : TeamCity Exploit
Cyberlens : Tika server Exploit
Boiler CTF : Sar2HTML exploit
Skynet : Cuppa CMS exploit
UltraTech : API RCE & Docker PE
Relevant : IIS server reverse shell & SEImpersonate exploit
Weasel : Juypter notebook & AlwaysInstallElevated exploit
Zeno : Restaurant management CMS exploit & Linux service exploit
Thompson : Tomcat server exploit
AllSignsPoint2Pwnage : SMB share file upload reverse shell & SeImpersonate exploit
CMEsS : Gila CMS exploit & TAR PE
Retro : WordPress & Windows OS (14393) system exploit
Enterprise : AD Unquoted Service Hijacking PE
Reset : AD AS-REP roast, GenericAll, ForceChangePassword & Unconstrained delegation PE
Silver Platter : Silverpeas CMS exploit & ADM group PE
Vulnnet: Active : SMB scheduled task file & GPO Abuse on policy
Year of the owl: SNMP enumeration & sam/system dumping
Ledger: AD Ldap enumeration & Certificate privesc
Fusion Corp: AD Ldap enumeration & SeBackupPrivilege esc
Persecure : my learning archive 