Root-Me/Powershell - Command Injection·10ptsPowershell - Command Injection — Root-MeNotes for Powershell - Command Injection cover parsing edge cases, environment leakage, and privilege changes through a helper binary invoked by a scheduled task..Misceasy#root-me#app-script#easyMay 26, 2026
Root-Me/sudo - weak configuration·5ptssudo - weak configuration — Root-MeShell automation and interpreter quirks on sudo - weak configuration.Misceasy#root-me#app-script#easyMay 26, 2026
Root-Me/Bash - System 1·5ptsBash - System 1 — Root-MeNotes for Bash - System 1 cover parsing edge cases, environment leakage, and privilege changes through a helper binary invoked by a scheduled task..Misceasy#root-me#app-script#easyMay 26, 2026
OverTheWire/Bandit Level 0 → 1OverTheWire Bandit Level 0 → 1SSH in as bandit0, read the password from a plain text file.Misceasy#beginner#linux#sshMay 16, 2026
TryHackMe/BlueTryHackMe Blue — EternalBlue walkthroughClassic MS17-010 exploitation walkthrough using metasploit on a TryHackMe Windows 7 target.Misceasy#windows#smb#eternalblueMay 16, 2026
picoCTF/Obedient Cat·5ptsObedient Cat — picoCTFA friendly first challenge, solved in one line.Misceasy#beginner#linuxMay 16, 2026
Hack The Box/SmartHireSmartHire — Hack The BoxRecon turns up a careers portal and a staging API behind the same cert.Miscmedium#linux#medium#hacktheboxMay 16, 2026
Hack The Box/HelixHelix — Hack The BoxAn exposed research site leaks version hints and a backup path.Miscmedium#linux#medium#hacktheboxMay 9, 2026
Hack The Box/PingPongPingPong — Hack The BoxInitial access starts from an oddly exposed management listener on Windows.Miscinsane#windows#insane#hacktheboxApr 25, 2026
Hack The Box/LoggingLogging — Hack The BoxThe box centers on centralized log ingestion with weak boundaries between collectors and readers.Miscmedium#windows#medium#hacktheboxApr 18, 2026
Hack The Box/SilentiumSilentium — Hack The BoxA quiet Linux host still exposes a few interesting HTTP routes and a forgotten dev vhost.Misceasy#linux#easy#hacktheboxApr 11, 2026
NCTF 2026/Hello World·50ptsHello World — NCTF 2026Sanity check from NCTF 2026.MisceasyCTFtime#misc#2026#nctf-2026Apr 5, 2026
Hack The Box/GarfieldGarfield — Hack The BoxFootprint suggests a Windows app stack with legacy auth still enabled.Mischard#windows#hard#hacktheboxApr 4, 2026
Hack The Box/DevAreaDevArea — Hack The BoxDevelopers left a CI artifact and a sandbox API online longer than they should have.Miscmedium#linux#medium#hacktheboxMar 28, 2026
Hack The Box/KoboldKobold — Hack The BoxLight recon finds a small Flask surface and a curious static mount.Misceasy#linux#easy#hacktheboxMar 21, 2026
Hack The Box/VariaTypeVariaType — Hack The BoxTypography puns aside, the attack surface is a font preview service and an admin queue.Miscmedium#linux#medium#hacktheboxMar 14, 2026
Hack The Box/CCTVCCTV — Hack The BoxA surveillance-themed host exposes a stream dashboard and a brittle onboarding flow.Misceasy#linux#easy#hacktheboxMar 7, 2026
Hack The Box/PiratePirate — Hack The BoxMaritime branding hides a fairly classic Windows foothold: IIS, an upload nook, and a secondary listener on a high port.Mischard#windows#hard#hacktheboxFeb 28, 2026
DiceCTF 2026 Quals/survey·1ptssurvey — DiceCTF 2026 QualsFeedback / survey flag from DiceCTF 2026 Quals.MisceasyBlog#misc#dicectf#dicectf-quals-2026Feb 22, 2026
DiceCTF 2026 Quals/welcome·1ptswelcome — DiceCTF 2026 QualsEntry challenge — check DiceGang GitHub for the 2026 archive.MisceasyGitHub#misc#dicectf#dicectf-quals-2026Feb 22, 2026