AD103: an Intermediate AD enterprise forest from secdojo
Intermediate Secdojo Overview An Active Directory enterprise environment focused on chaining vector attacks, from abusing weak permissions to compromising core enterprise services. Reconnai...
Plur1bu5
Recent Posts
VulnCicada: a medium HackTheBox machine
Medium HackTheBox Overview VulnCicada is a medium Active Directory box where NTLM is disabled. An NFS share exposed to everyone leaks usernames and a password hidden in an image. From there i...
Odyssey Finals 2025 - True Story (Crypto)
Writeup for True Story crypto challenge from Odyssey Finals 2025
Tombwatcher: a medium HackTheBox machine
Medium HackTheBox Overview Tombwatcher is a medium assumed-breach Active Directory box. Starting with low-privileged domain credentials, the path involves DPAPI credential decryption, lateral...
Odyssey Finals 2025 - DarBox Inwi (DFIR)
Writeup for DarBox Inwi DFIR challenge from Odyssey Finals 2025
Forest: an easy HackTheBox machine
Easy HackTheBox Overview Forest is an easy Active Directory box. Null session LDAP enumeration gets you usernames, AS-REP roasting gives you a foothold, and bloodhound reveals a path through ...
AISEC Finals CTF 2025 Writeups
Writeups for AISEC Finals CTF 2025 challenges
Baby: an easy HackTheBox machine
Easy HackTheBox Overview Baby is an easy Active Directory box. Null session LDAP enumeration reveals a password in a user’s description field. A bit of digging finds two users that weren’t in...
ESI Finals 2025 - CanYouHear (Steganography)
Writeup for CanYouHear audio steganography challenge from ESI Finals 2025
Attacking YOLOv8 vs YOLOv10: Adversarial CNN Misclassification
A writeup NHNC 2025 CTF CNN challenge.