cat /etc/motd

Hack The Box

Write-ups, exploits, and notes for all the retired machines I’ve rooted.

// my stats

Progress on the platform

80+
Machines Rooted
Pro
Hacker
Current Rank
AD
Specialty
2025
Since
HTB Profile Badge
→ view full profile on hackthebox.com

This is where I collect my Hack The Box write-ups. Each post details what I did to gain user and root access, including the tools, commands, and CVEs I used along the way.

The focus is on Active Directory chaining, Linux privilege escalation, and modern web exploitation,... - the skills that really matter in real-world penetration tests.

All write-ups are for retired machines, in accordance with the HackTheBox Terms of Service.

// sections

What you'll find here

🖥️

Machines

Walkthroughs of retired boxes - from easy Linux to insane Active Directory chains.

 📚

Documentation

Technical notes, cheat sheets, and references I've collected during HTB.
// latest

Latest writeups

BabyTwo
Windows Medium

Web enumeration leading to config disclosure, credential reuse for SSH access, and sudo misconfiguration for root escalation.
Hacknet
Linux Medium

Exposed service RCE for initial foothold, credential harvesting for lateral movement, and SUID binary abuse for privilege escalation to root.
RustyKey
Windows Hard

AD enumeration via BloodHound, Timeroasting for machine account compromise, Helpdesk delegation abuse for privilege escalation, and RBCD-based domain admin impersonation.
View all writeups →