Building and breaking stuff.
Drop me a DM to get early access to CyberMyth - The true OTR app.
Hack The Box SmartHire is a medium-difficulty Linux machine that starts with exploiting vulnerable MLflow instance to gain code execution, then escalates privileges through file abuse and insecure sudo/plugin configurations. The box focuses on real-world risks in machine learning infrastructure, unsafe Python behaviors, and misconfigured development environments.
Helix is a medium-rated Linux machine on Hack The Box featuring Apache NiFi, industrial control systems (ICS), and OPC UA. This writeup covers enumeration, initial access, lateral movement, and privilege escalation techniques used to fully compromise the target system.
PingPong is an insane-rated machine featuring multiple Active Directory domains. The attack follows an assumed-breach methodology and reflects realistic red team operations. The path moves laterally between domains and ends with full domain administrator compromise.
Logging is a medium-rated Windows Active Directory machine on Hack The Box that follows an assumed breach attack scenario. The box requires careful analysis of available logs to uncover useful credentials and operational details, followed by exploiting a misconfigured application loading process to gain further access.