Scepter A HackTheBox active Hard Windows machine focused on Active Directory enumeration and privilege escalation, protected by NTLM hash encryption to prevent spoilers and ensure only those who co...

Nocturnal A HackTheBox active Easy Linux machine focused on web enumeration and privilege escalation, protected by Root’s Shadow Hash to prevent spoilers and ensure only those who complete the mach...

Certificate A HackTheBox active Hard Windows machine focused on Active Directory enumeration and privilege escalation, protected by NTLM hash encryption to prevent spoilers and ensure only those wh...

Cat is a medium-difficulty Linux machine that features a custom PHP web application vulnerable to cross-site scripting (XSS), which can trigger an onerror event to bypass the application’s security...

DPAPI exploitation in Windows environments involves leveraging the Data Protection API to decrypt sensitive user secrets such as credentials, private keys, and tokens. This is typically done during...

Vintage on Hack The Box is a hard-difficulty Windows machine centered around exploiting vulnerabilities in an Active Directory environment and leveraging misconfigurations in certificate services. ...

Administrator on Hack The Box is a medium-difficulty Windows machine centered around exploiting vulnerabilities in an Active Directory environment and leveraging misconfigurations in certificate se...

Certified on Hack The Box is a medium-difficulty Windows machine centered around exploiting vulnerabilities in an Active Directory environment and leveraging misconfigurations in certificate servic...

Instant on Hack The Box is a medium-difficulty machine that focuses on reverse engineering a mobile application, exploiting API endpoints, and cracking encrypted hashes and files. The initial explo...

MonitorsTwo on Hack The Box is an easy-difficulty Linux machine that revolves around exploiting a vulnerable Cacti-based web application and escalating privileges through credential retrieval and c...