Persecure : my learning archive

Vulnhub

Hello! I’m a SOC analyst and cybersecurity enthusiast. In my free time, I enjoy practicing on CTFs and writing up about them.

Infosec Prep: OSCP : Simple introductory machine

GreenOptic: 1 : LFI exploit , Network and Wireshark machine

Corrosion: 1 : LFI and log poisoning exploit

RickdiculouslyEasy :1 : Command Injection & sudo exploit

FristiLeaks: 1.3 : Decryption & SUID exploit

billu: b0x : Local file read & phpmy exploit

So Simple : 1 : WordPress vulnerability exploit

My CMSMS: 1 : CMS MS exploit

Dina: 1.0.1 : playsms machine

ICMP: 1 : Monitor & Hping3 exploit

W34kn3ss: 1 : OpenSSL exploit

Bob: 1.0.1 : webshell command injection bypass

Pwned: 1 : Directory enumeration& docker exploit

Dripping Blues: 1 : Polkit exploit

Vegeta: 1 : Steganography based box

HA: Wordy : WordPress command injection and SUID exploit

Inclusiveness : 1 : LFI exploit

Djinn : 1 : Command Injection bypass & sudo exploit

Cybersploit : 1 : Decryption and outdated kernel machine

EVM: 1 : Simple wordpress exploit

Photographer : 1 : Koken CMS exploit

BBS (cute): 1.0.2 : CuteNews exploit

Born2Root: 1 : cronjob and bruteforce exploit

PwnLab: init : Upload bypass and binary exploit

DC: 1 : Drupal exploit box

DC:2 : WordPress box

DC: 3.2 : Joomla! and Linux kernel exploit

DC: 4 : Burpsuite bruteforce, command injection and tee exploit

DriftingBlues:6 : Textpattern and Dirtycow exploit

Evilbox : Website parameter and write permissions exploits

Potato : PHP Type Juggling & LFI machine

Lampiao : 1 : Drupal & Linux Kernel 2.6.22 < 3.9 – ‘Dirty COW exploit

Funbox: Scriptkiddie : ProFTPd exploit

Funbox: 1 : WordPress & Cronjob exploit

Funbox : Easy : Web exploit machine

Funbox : Rookie : FTP exploit machine

Sunset: Midnight : WordPress & SUID exploit

Sunset : Noontide : Unreal IRC exploit

Sunset : Decoy : chrootkit exploit

Funbox : EasyEnum : Enumeration machine

Sunset : Dawn : SMB enumeration & cronjob exploit

Sumo : 1 : Shellshock and Dirty Cow exploit

Gaara : Thorough enumeration and decryption box

Cybersploit 1 : Ubuntu 12.04.5 exploit

HACLABS: NO_NAME CTF : Command injection vulnerability

Quaoar : Hackfest 2016 CTF

Deathnote : Straight forward box

Ripper 1 : Web application testing & enumeration

Tophatsec Freshly : Find the secret hidden in a sensitive file

Mercury : SQLmap

c0ldBox : WordPress machine

Jagnow 1.0.1 : Enumeration

FUNBOX: LUNCHBREAKER CTF : Machine using bruteforce

Pentester Lab: From SQL injection to Shell

Lin.Security:1 NFS exploit

Driftingblues : EyesOfNetwork exploit

Rickdiculouslyeasy

Basic Pentesting:1