Skip to content

farSec/HTB-WriteUps

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
Principal
Principal
 
 
bashed
bashed
 
 
lame
lame
 
 
netmon
netmon
 
 
sense
sense
 
 
README.md
README.md
 
 

Repository files navigation

Hack The Box Writeups

A collection of structured writeups for retired Hack The Box machines.

The objective of this repository is not only to document exploitation techniques, but to demonstrate a professional security assessment mindset through methodology, attack path analysis, root cause identification, remediation recommendations, and lessons learned.

Only retired Hack The Box machines are included. No active machine content is published.

Machines

Machine Difficulty Category Key Skills Writeup
Lame Easy Network / SMB Enumeration, SMB, RCE View
Bashed Easy Web Web Enumeration, RCE, Privilege Escalation View
Sense Easy Web / Firewall Credential Leak, Web Exploitation View
Netmon Easy Windows Service Enumeration, Credential Discovery View
Principal Medium Web Application Security JWT Security, API Security, Information Disclosure, SSH CA Abuse View

Assessment Methodology

Each machine is approached using a structured assessment workflow:

Information Gathering
        │
        ▼
Attack Surface Mapping
        │
        ▼
Vulnerability Discovery
        │
        ▼
Exploitation
        │
        ▼
Privilege Escalation
        │
        ▼
Root Cause Analysis
        │
        ▼
Remediation & Lessons Learned

Writeup Structure

Each writeup follows a consistent reporting format:

  1. Executive Summary
  2. Scope
  3. Enumeration
  4. Vulnerability Identification
  5. Exploitation
  6. Privilege Escalation
  7. Root Cause Analysis
  8. Remediation Recommendations
  9. Lessons Learned

Skills Demonstrated

Web Application Security

  • OWASP Top 10
  • Authentication Testing
  • Authorization Testing
  • API Security
  • JWT Security
  • Information Disclosure
  • Business Logic Assessment

Infrastructure Security

  • Linux Enumeration
  • Windows Enumeration
  • Privilege Escalation
  • Credential Abuse
  • Service Misconfiguration Analysis

Reporting & Documentation

  • Executive Summaries
  • Attack Path Documentation
  • Root Cause Analysis
  • Risk Communication
  • Remediation Guidance

What This Demonstrates

  • Methodical enumeration
  • Structured attack path analysis
  • Understanding of root causes
  • Clear explanation of security impact
  • Reproducible technical documentation
  • Translation of lab findings into real-world security lessons
  • Professional reporting practices

Disclaimer

These writeups are intended for educational purposes only and document retired Hack The Box machines.

No real-world systems were targeted during the creation of this content.

About

Structured Hack The Box writeups focused on methodology, enumeration, exploitation, privilege escalation, and lessons learned.

Topics

windows linux enumeration penetration-testing ctf hackthebox privilage-escalation security-writeups

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors