Start Here
Hi there,
All the entries below are my personal take on CTF machines at HackTheBox, TryHackMe, and Proving Grounds (OffSec). They were conducted with the Black Box approach to simulate real-world environments as much as possible for professional development purpose. As no guidance were provided, some engagements took as long as 7 days while most were done in a day or two.
(Green nodes are Linux/Unix systems, cyan nodes are Windows standalones and Purple nodes are Active-Directory joint Windows systems. All the red dots represent ideas and concepts)
All notes were made with an idea of building of a modular report, that penetration tests can be quantified to many extent and segmented accordingly for advanced use. Additionally, this platform serves as a “cheatsheet” to quickly refer to commands and ideas.
While this modular report idea is still in development, I, myself, am still learning about Information Security (probably forever as InfoSec is endless). Therefore, the notes contains many errors that somewhat reflect my development. Some of them are just plain-simple terminology errors and some are complete-misunderstanding.
Structure
Each entry consists of 6 segments;
1-Recon2-Enumeration3-Exploitation4-Post_Enumeration5-Privilege_Escalation- Index file containing the overview
- has the same filename as the entry
- has theIndex_File tag
Additionally, you may find the Interactive Graph View useful to navigate within an entry