{"id":28436872,"url":"https://github.com/jon-brandy/hackthebox","last_synced_at":"2025-06-27T20:32:06.330Z","repository":{"id":64866616,"uuid":"578103438","full_name":"jon-brandy/hackthebox","owner":"jon-brandy","description":"My WriteUps for HackTheBox CTFs, Machines, and Sherlocks.","archived":false,"fork":false,"pushed_at":"2025-06-27T17:17:35.000Z","size":3360,"stargazers_count":123,"open_issues_count":0,"forks_count":23,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-27T18:23:07.304Z","etag":null,"topics":["binary-exploitation","ctf","forensics","hackthebox-writeups","htb-machine","htb-sherlocks","htb-writeups","pwn","reverse-engineering"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jon-brandy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-12-14T09:10:24.000Z","updated_at":"2025-06-27T17:17:39.000Z","dependencies_parsed_at":"2023-09-26T14:09:02.188Z","dependency_job_id":"e4a8948c-61a1-466b-b732-470dacbc0c66","html_url":"https://github.com/jon-brandy/hackthebox","commit_stats":null,"previous_names":["jon-brandy/hackthebox"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jon-brandy/hackthebox","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2Fhackthebox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2Fhackthebox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2Fhackthebox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2Fhackthebox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jon-brandy","download_url":"https://codeload.github.com/jon-brandy/hackthebox/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2Fhackthebox/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262327297,"owners_count":23294246,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["binary-exploitation","ctf","forensics","hackthebox-writeups","htb-machine","htb-sherlocks","htb-writeups","pwn","reverse-engineering"],"created_at":"2025-06-05T23:07:48.931Z","updated_at":"2025-06-27T20:32:05.931Z","avatar_url":"https://github.com/jon-brandy.png","language":"Python","readme":"\u003cp align=\"center\" width=\"100\"\u003e\n\n\u003cimg src=\"https://github.com/jon-brandy/hackthebox/blob/2e16911adec5955f0648267f8efe6c51d29cc5a2/Untitled120_20231005002555.png\" width=\"500\"\u003e\n\n\u003c/p\u003e\n\n\n\u003cdetails\u003e\n \n ### NOTES: NO TIMELINE ACTIVITIES TABLE CREATION FOR EVERY CHALLS.\n\n \u003csummary\u003eSherlocks\u003c/summary\u003e\n \n| No. | Cases | Lessons Learned |\n| :-- | ---------------------------------------------------------------------------------------------------------------------------------- | :-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: |\n| 1. | [Meerkat](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Meerkat/README.md) | `Credential stuffing detection`, `Bonitasoft CVE exploitation`, `Packet filtering`, `Custom column value analysis` |\n| 2. | [Bumblebee](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Bumblebee/README.md) | `SQLite3 file analysis`, `Epoch timestamp conversion`, `NGINX access.log parsing` |\n| 3. | [Lockpick](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Lockpick/README.md) | `Static malware analysis with Ghidra`, `Reverse engineering C-based malware`, `Python scripting for reversing encryption logic`, `JSON parsing automation` |\n| 4. | [Constellation](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Constellation/README.md) | `Discord URL forensic analysis`, `URL unfurling techniques` |\n| 5. | [OpTinselTrace-4](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/OpTinselTrace-4/README.md) | `Threat hunting and attacker IP identification`, `Port scanning detection`, `Printer hacking network forensics` |\n| 6. | [Litter](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Litter/README.md) | `PCAP network traffic analysis`, `DNS tunneling identification` |\n| 7. | [Logjammer](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Logjammer/README.md) | `Windows Event Log analysis using Event Viewer` |\n| 8. | [Heartbreaker-Continuum](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Heartbreaker-Continuum/README.md) | `PEStudio and Ghidra for code size identification`, `VirusTotal for file metadata`, `Hex editor for obfuscated strings offsets`, `MITRE ATT\u0026CK technique identification` |\n| 9. | [Hyperfiletable](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Hyperfiletable/README.md) | `Parsing raw MFT data with analyzeMFT`, `Using MFTExplorer for ZoneID and file size analysis` |\n| 10. | [Subatomic](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Subatomic/README.md) | `File type identification with Detect It Easy (DIE)`, `Unpacking Nullsoft Installer`, `Malware GUID identification`, `Debugging obfuscated JS in VSCode`, `Code review of Trojan Discord module` |\n| 11. | [Tracer](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Tracer/README.md) | `Windows Event Log analysis`, `Prefetch file parsing with PECmd`, `$MFT analysis using MFTECmd`, `USN Journal ($J) analysis`, `Sysmon log investigation` |\n| 12. | [Loggy](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Loggy/README.md) | `Using Ghidra, ANY.RUN, DIE for malware language identification`, `PEStudio and API Monitor for malicious function calls`, `FTP domain tracking`, `IDA graph analysis for disk writes` |\n| 13. | [RogueOne](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/RogueOne/README.md) | `Memory forensics with volatility3`, `Detection of process spoofing` |\n| 14. | [Recollection](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Recollection/README.md) | `Memory forensics with volatility3`, `Detection of alias IEX usage`, `Browser history dumping`, `Malicious filename identification` |\n| 15. | [Brutus](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Brutus/README.md) | `Reviewing UNIX auth.log`, `Hunting suspect IP addresses`, `WTMP log analysis` |\n| 16. | [Campfire-1](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Campfire-1/README.md) | `DC security logs analysis via EventViewer`, `Kerberoasting attack analysis`, `Prefetch file conversion and timeline exploration with PECmd and Timeline Explorer`, `Identifying common Kerberoasting tools` |\n| 17. | [SmartyPants](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/SmartyPants/README.md) | `Windows RDP event log analysis`, `Event log explorer usage`, `Smart screen debug log review` |\n| 18. | [Unit42](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Unit42/README.md) | `Sysmon EventID definitions`, `Sysmon log analysis`, `UltraVNC infection investigation` |\n| 19. | [BFT](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/BFT/README.md) | `Parsing raw MFT files with MFT Explorer and MFTECmd`, `Malicious file download hunting` |\n| 20. | [Jingle Bell](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Jingle%20Bell/README.md) | `Forensic analysis of Slack application SQLite database` |\n| 21. | [TickTock](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/TickTock/README.md) | `TeamViewer log analysis for C2 agent and attacker sessions`, `Prefetch log review`, `Sysmon log review for network connections`, `Windows Defender and PowerShell log inspection`, `Drive mounting and C2 hash identification`, `Raw MFT parsing and timeline exploration`, `Timestamp event extraction with Get-WinEvent` |\n| 22. | [Jugglin](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Jugglin/README.md) | `Forensic analysis of APMX64 files`, `API Monitor for function call interception`, `PowerShell module identification for data exfiltration` |\n| 23. | [Ore](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Ore/README.md) | `Reviewing Grafana and catscale artifacts`, `XMRIG process analysis`, `Hunting threat actor IPs via UNIX logs`, `Shodan threat intelligence use`, `Cronjob timing analysis with crontab.guru` |\n| 24. | [Ultimatum](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Ultimatum/README.md) | `Catscale data acquisition review`, `Ultimate-member plugin CVE identification`, `Backdoor user and persistence activity detection` |\n| 25. | [Pikaptcha](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Pikaptcha/README.md) | `Registry hive analysis with Registry Explorer`, `Malicious PowerShell downloader analysis`, `Threat actor C2 server hunting`, `Reverse shell session timing`, `Phishing JS function identification`, `Lumma Stealer malware investigation` |\n| 26. | [Operation Blackout 2025: Phantom Check](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/Operation%20Blackout%202025:%20Phantom%20Check/README.md)| `Hayabusa`, `Event viewer`, `Identification of virtualization detection activity`, `Timeline explorer`, `Identification of current machine temperature value`, `WMI class abused to retrieve model and manufacturer information` |\n| 27. | [APTNightmare](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Sherlocks/APTNightmare/README.md) | `Packet capture analysis with Wireshark`, `Nmap open port identification with Tshark`, `DNS zone transfer detection`, `Compromised subdomain and credential discovery`, `Memory analysis of web server with Volatility and Ubuntu profile`, `MITRE ATT\u0026CK technique correlation`, `Debian package inspection with dpkg`, `Windows registry hive parsing with Regripper`, `Program execution artifact analysis`, `.lnk file examination`, `Registry hive cleaning`, `Disk image review with FTK Imager`, `Email phishing forensic analysis`, `Prefetch file analysis`, `Raw $MFT parsing`, `PowerShell and event log export`, `Timeline review`, `Encoded PowerShell command decoding`, `VirusTotal IOC identification`, `Cobalt Strike beacon analysis`, `Persistence task detection` |\n\n\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Binary Exploitation (PWN) \u003c/summary\u003e\n\n| No. | Challenges | Lessons Learned |\n| :-- | ------------------------------------------------------------------------------------------------------------------------------------------ | :-------------------------------------------------------------------------------------------------------------------------------------------------------: |\n| 1. | [racecar](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/racecar) | `Exploiting format string vulnerabilities to leak stack values` |\n| 2. | [You know 0xDiablos](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/You%20know%200xDiablos) | `Buffer overflow exploitation`, `Return-to-win techniques` |\n| 3. | [Jeeves](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Jeeves) | `Local variable modification techniques` |\n| 4. | [Space pirate: Entrypoint](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Space%20pirate%3A%20Entrypoint) | `Format string bugs`, `Local variable modification` |\n| 5. | [Reg](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Reg) | `Buffer overflow`, `Redirecting program execution` |\n| 6. | [Space pirate: Going Deeper](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Space%20pirate%3A%20Going%20Deeper) | `Buffer overflow`, `Redirecting program execution` |\n| 7. | [Bat Computer](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Bat%20Computer) | `Buffer overflow`, `Return-to-shellcode techniques` |\n| 8. | [Blacksmith](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Blacksmith) | `Buffer overflow`, `Return-to-libc attacks` |\n| 9. | [Shooting star](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Shooting%20star) | `Buffer overflow`, `Return-to-libc attacks` |\n| 10. | [HTB Console](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/HTB%20Console) | `Buffer overflow`, `Return-to-libc`, `Using .DATA section to write \"/bin/sh\\x00\"` strings |\n| 11. | [Optimistic](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Optimistic) | `Buffer overflow`, `Integer overflow`, `Return-to-shellcode with alphanumeric payloads` |\n| 12. | [Restaurant](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Restaurant) | `Buffer overflow`, `Return-to-libc`, `Bypassing MOVAPS protection` |\n| 13. | [Entity](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Entity) | `Union structure manipulation`, `Type confusion vulnerabilities` |\n| 14. | [Getting Started](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Getting%20Started) | `Buffer overflow basics` |\n| 15. | [Questionnaire](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Pwn/Questionnaire) | `Binary exploitation concepts and questions` |\n| 16. | [Nightmare](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Pwn/Nightmare/README.md) | `Format string bug exploitation`, `Global Offset Table (GOT) overwrite` |\n| 17. | [Void](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Pwn/Void/README.md) | `Buffer overflow`, `Return-to-dl-resolve technique` |\n| 18. | [Fleet Management](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Pwn/Fleet%20Management/README.md) | `Bypassing seccomp sandbox`, `Crafting custom shellcode` |\n| 19. | [Vault-breaker](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Vault-breaker/README.md) | `Abusing misconfigurations`, `XOR cipher decoding` |\n| 20. | [Spooky Time](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Spooky%20Time/README.md) | `Format string bug exploitation`, `GOT overwrite` |\n| 21. | [Space pirate: Retribution](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Space%20pirate%3A%20Retribution/README.md) | `Buffer overflow`, `Return-to-libc`, `Bypassing PIE and ASLR` |\n| 22. | [Space](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Space/README.md) | `Buffer overflow`, `Small offset after EIP`, `Custom shellcode crafting` |\n| 23. | [Leet Test](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Leet%20Test/README.md) | `Format string bug`, `Overwriting local and global variables` |\n| 24. | [Trick or Deal](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Trick%20or%20Deal/README.md) | `Heap exploitation`, `Use-After-Free (UAF)` |\n| 25. | [PwnShop](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/PwnShop/README.md) | `Buffer overflow`, `Return-to-libc`, `Bypassing PIE and ASLR`, `Stack pivoting` |\n| 26. | [Finale](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Finale/README.md) | `Open-Read-Write (ORW) ROP chain exploitation` |\n| 27. | [Hellhound](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Hellhound/README.md) | `Heap exploitation`, `House of Spirit technique (glibc 2.23)` |\n| 28. | [Sacred Scrolls: Revenge](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Sacred%20Scrolls%3A%20Revenge/README.md) | `Buffer overflow`, `Return-to-libc`, `Base64 encoded payload`, `Bypassing MOVAPS (stack alignment)` |\n| 29. | [Sick ROP](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Sick%20ROP/README.md) | `Sigreturn Oriented Programming (SROP)` |\n| 30. | [What does the f say?](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/What%20does%20the%20f%20say%3F/README.md) | `Format string bug`, `Bypassing PIE, Canary, and ASLR`, `Return-to-libc`, `Bypassing MOVAPS protection` |\n| 31. | [Bon-nie-appetit](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Bon-nie-appetit/README.md) | `Heap exploitation`, `maia_arena address leak`, `Off-by-one (OOB) exploit`, `Tcache poisoning` |\n| 32. | [Great Old Talisman](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Great%20Old%20Talisman/README.md) | `Buffer overflow`, `GOT overwrite` |\n| 33. | [Spellbook](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Spellbook/README.md) | `Heap exploitation`, `Leaking main_arena address`, `Fastbin dup attack`, `Overwriting __malloc_hook with one_gadget` |\n| 34. | [Oxidized ROP](https://github.com/jon-brandy/hackthebox/tree/main/Categories/Pwn/Oxidized%20ROP) | `Rust buffer overflow`, `Local variable overwrite using Unicode characters` |\n| 35. | [Regularity](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Regularity/README.md) | `Buffer overflow`, `Return to register` |\n| 36. | [Writing on the Wall](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Writing%20on%20the%20Wall/README.md) | `Out-of-bounds write`, `read() vulnerability`, `Local variable overwrite` |\n| 37. | [Execute](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Execute/README.md) | `Direct code execution bug`, `Return to shellcode`, `Crafting custom shellcode to bypass bad bytes`, `XOR encoding /bin/sh strings` |\n| 38. | [Rocket Blaster XXX](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Rocket%20Blaster%20XXX/README.md) | `Buffer overflow`, `Return-to-win with 3 parameters` |\n| 39. | [Sound of Silence](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Sound%20of%20Silence/README.md) | `Return address manipulation with gets()`, `Passing system() as argument`, `Using GDB to trace parent process` |\n| 40. | [r0bob1rd](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/r0bob1rd/README.md) | `Libc leak via array index clobbering`, `Format string bug to overwrite GOT entry for __stack_chk_fail()`, `OOB bug triggering __stack_chk_fail()` call\\` |\n| 41. | [Assemblers Avenge](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Assemblers%20Avenge/README.md) | `Return to shellcode`, `Crafting custom shellcode`, `Using printed /bin/sh strings` |\n| 42. | [No Gadgets](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/No%20Gadgets/README.md) | `Bypassing strlen() checks`, `Exploiting GLIBC 2.35 gadgets limitation`, `GOT overwrite using controlled RBP`, `Forging fake RBP with PLT stub` |\n| 43. | [Kernel Adventures: Part 1](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Pwn/Kernel%20Adventures%3A%20Part%201/README.md) | `Exploiting race condition vulnerabilities`, `Password hash cracking`, `Double fetch exploitation` |\n\n\n\n\n\n\u003c/details\u003e\n\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Machines \u003c/summary\u003e\n\n\n| No. | Machine Name | Lessons Learned |\n| :-: | ------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |\n| 1 | [Blue](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Blue/README.md) | `Metasploit`, `smbclient`, `EternalBlue`, `Meterpreter` |\n| 2 | [Jerry](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Jerry/README.md) | `Tomcat exploitation`, `Msfvenom reverse shell`, `Metasploit usage` |\n| 3 | [Lame](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Lame/README.md) | `FTP`, `CVE exploitation`, `Backdoor`, `SMB`, `Remote Code Execution (RCE)` |\n| 4 | [Netmon](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Netmon/README.md) | `FTP enumeration`, `Searchsploit usage` |\n| 5 | [Photobomb](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Photobomb/README.md) | `Command injection`, `Pwncat usage`, `PATH hijacking` |\n| 6 | [Precious](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Precious/README.md) | `Setting up simple Python server`, `PDFKit CVE exploitation`, `Pwncat`, `Ruby exploit`, `YAML exploit` |\n| 7 | [Shoppy](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Shoppy/README.md) | `Gobuster usage`, `NoSQL injection`, `MongoDB exploitation`, `Password hash cracking`, `Ffuf usage`, `Docker privesc via GTFOBins` |\n| 8 | [Cap](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Cap/README.md) | `Exploiting Python 3.8 cap_setuid`, `Wireshark usage`, `IDOR vulnerability` |\n| 9 | [Busqueda](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Busqueda/README.md) | `Server-side template injection (SSTI)`, `Remote code execution (RCE)`, `Gitea exploitation` |\n| 10 | [Knife](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Knife/README.md) | `PHP CVE exploitation`, `Knife binary GTFOBins` |\n| 11 | [Bashed](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Bashed/README.md) | `Gobuster usage`, `Webshell deployment`, `Cronjob exploitation` |\n| 12 | [Shocker](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Shocker/README.md) | `Gobuster usage`, `Shellshock attack`, `Perl binary exploitation` |\n| 13 | [Beep](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Beep/README.md) | `Dirbuster usage`, `Elastix webserver exploitation`, `FreePBX service exploitation` |\n| 14 | [Blocky](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Blocky/README.md) | `Dirbuster usage`, `JADX-GUI for reverse engineering` |\n| 15 | [Bank](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Bank/README.md) | `Gobuster usage`, `Identifying failed hash or encryption methods`, `Msfvenom reverse shell` |\n| 16 | [Nibbles](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Nibbles/README.md) | `Gobuster usage`, `Nibble blog exploit`, `Techmint Linux monitoring script exploit` |\n| 17 | [SteamCloud](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/SteamCloud/README.md) | `Kubernetes exploitation`, `Pod forging` |\n| 18 | [Keeper](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Keeper/README.md) | `WinDbg usage`, `KeePass key dumper (Keydumper)`, `PuTTY key generation and usage (PuttyGen)` |\n| 19 | [Optimum](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Optimum/README.md) | `Rejetto HTTP File Server exploit`, `Metasploit usage` |\n| 20 | [Legacy](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Legacy/README.md) | `SMB CVE exploitation`, `Metasploit usage` |\n| 21 | [Granny](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Granny/README.md) | `Microsoft IIS 6.0 exploit`, `Metasploit usage` |\n| 22 | [Grandpa](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Grandpa/README.md) | `Microsoft IIS 6.0 exploit`, `Metasploit usage` |\n| 23 | [Devel](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Devel/README.md) | `ASPX reverse shell`, `Microsoft IIS 7.5 exploit`, `Metasploit usage` |\n| 24 | [Horizontall](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Horizontall/README.md) | `Generating SSH keygen`, `Port forwarding`, `Laravel 8.4.2 exploit` |\n| 25 | [Validation](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Validation/README.md) | `SQL injection (SQLi)`, `PHP reverse shell` |\n| 26 | [Nunchucks](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Nunchucks/README.md) | `Gobuster usage`, `Nunjucks template engine exploit`, `Perl binary exploitation`, `AppArmor Perl bugs` |\n| 27 | [Late](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Late/README.md) | `Flask SSTI`, `SSH keygen`, `LinPEAS usage`, `Pspy64` |\n| 28 | [BountyHunter](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/BountyHunter/README.md) | `Dirbuster usage`, `XXE exploitation`, `Abusing Python script misconfiguration` |\n| 29 | [Mirai](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Mirai/README.md) | `Raspberry Pi server setup`, `Linux file recovery with dcfldd`, `Volume mounting` |\n| 30 | [Armageddon](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Armageddon/README.md) | `Drupal 7 service exploit`, `Dirty Sock exploit` |\n| 31 | [Paper](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Paper/README.md) | `WordPress exploitation`, `Password reuse`, `LinPEAS usage`, `Sudo exploit` |\n| 32 | [MonitorsTwo](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/MonitorsTwo/README.md) | `Cacti login page exploit`, `Hash cracking with John the Ripper`, `Listing SUID binaries`, `capsh GTFOBins` |\n| 33 | [Inject](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Inject/README.md) | `Directory traversal`, `Searchsploit usage`, `Spring Framework exploit`, `Pspy64`, `YAML forging` |\n| 34 | [Sau](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Sau/README.md) | `Request Baskets v1.2.1 exploit`, `SSRF`, `Maltrail v0.53 exploit` |\n| 35 | [Pilgrimage](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Pilgrimage/README.md) | `ImageMagick LFI`, `Git dumper usage`, `Binwalk CVE RCE` |\n| 36 | [CozyHosting](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/CozyHosting/README.md) | `Dirsearch usage`, `Base64 encoded bash reverse shell`, `JD-GUI`, `PostgreSQL`, `Hash cracking with John and Hashcat`, `sudo GTFOBins` |\n| 37 | [Topology](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Topology/README.md) | `LaTeX injection`, `Ffuf usage`, `Hash cracking with John`, `Pspy64`, `Forging PLT files to exploit Gnuplot binary cronjobs` |\n| 38 | [Explore](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Explore/README.md) | `ADB`, `Metasploit usage`, `ES File Explorer exploit`, `oHostKeyAlgorithms`, `Port forwarding` |\n| 39 | [Previse](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Previse/README.md) | `Dirbuster usage`, `Command injection`, `Hash cracking with John`, `Forging bash gzip`, `PATH hijacking` |\n| 40 | [Broker](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Broker/README.md) | `Apache ActiveMQ exploitation`, `Remote code execution (RCE)` |\n| 41 | [Delivery](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Delivery/README.md) | `Email impersonation`, `Hash cracking using Best64 and John the Ripper` |\n| 42 | [Codify](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Codify/README.md) | `Virtual Machine 2 (VM2) exploitation`, `Hash identification`, `Hash cracking with John`, `Python bruteforce script creation` |\n| 43 | [Analytics](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Analytics/README.md) | `Metabase login page exploit`, `Metasploit usage`, `LinPEAS usage`, `Local privilege escalation on Ubuntu 22.10 / 22.04` |\n| 44 | [Soccer](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Soccer/README.md) | `Dirsearch usage`, `H3K Tiny File Manager exploitation`, `WebSocket exploitation`, `SQLmap for blind SQLi`, `Privilege escalation using SUID doas`, `Forging dstat using Python` |\n| 45 | [Timelapse](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Timelapse/README.md) | `Enumerating public SMB shares with smbclient`, `Cracking Personal Information Exchange (PFX) files`, `OpenSSL`, `pfx2john`, `evil-winrm`, `Active Directory enumeration` |\n| 46 | [Devvortex](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Devvortex/README.md) | `Ffuf usage`, `Dirsearch usage`, `Joomla v4.2 CMS exploitation`, `Password hash cracking with John`, `apport-cli binary exploitation` |\n| 47 | [Return](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Return/README.md) | `SMB service enumeration with smbclient and enum4linux`, `Abusing printer's network`, `evil-winrm`, `Group membership enumeration for svc-printer account`, `Msfvenom`, `Active Directory security group abuse`, `Metasploit usage` |\n| 48 | [Irked](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Irked/README.md) | `Unreal Engine 3.2.8.1 exploitation`, `Metasploit usage`, `LinPEAS usage` |\n| 49 | [Perfection](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Perfection/README.md) | `WEBrick 1.7.0 exploitation`, `ERB and Ruby RCE`, `LinPEAS usage`, `Time-based password hash cracking with John` |\n| 50 | [Headless](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Headless/README.md) | `XSS`, `Cookie stealing`, `Command injection`, `Remote code execution (RCE)`, `Abusing syscheck misconfiguration for root` |\n| 51 | [Wifinetic](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/Wifinetic/README.md) | `FTP anonymous login`, `WiFi network interface enumeration`, `WiFi network configuration dumping`, `WPS PIN brute forcing using Reaver` |\n| 52 | [OpenAdmin](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/OpenAdmin/README.md) | `Dirsearch usage`, `OpenNetAdmin v18.1.1 exploit`, `Bash reverse shell`, `Abusing Apache2 internal misconfiguration`, `Password cracking with John`, `Port forwarding`, `Webshell deployment`, `SSH private key cracking`, `Privilege escalation in nano by resetting stdin/stdout/stderr` |\n| 53 | [TraceBack](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Machines/TraceBack/README.md) | `Gobuster usage`, `SSH key generation`, `Forging Lua scripts`, `SSH MOTD manipulation` |\n\n\n\n\u003c/details\u003e\n\n\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e GamePwn \u003c/summary\u003e\n\n\n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[CubeMadness1](https://github.com/jon-brandy/hackthebox/blob/main/Categories/GamePwn/CubeMadness1/README.md)|||\n\n\u003c/details\u003e\n\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Web \u003c/summary\u003e\n \n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Templated](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/Templated/README.md)|[LoveTok](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/LoveTok/README.md)|[Phonebook](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/Phonebook/README.md)|\n|2. |[Spookifier](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/Spookifier/README.md)|[looking glass](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/looking%20glass/README.md)|[sanitize](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/sanitize/README.md)|\n|3. |[baby auth](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/baby%20auth/README.md)|[baby BonChewerCon](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/baby%20BoneChewerCon/README.md)|[Full Stack Conf](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/Full%20Stack%20Conf/README.md)|\n|4. |[baby interdimensional internet](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/baby%20interdimensional%20internet/README.md)|[Juggling facts](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/Juggling%20facts/README.md)|[baby nginxatsu](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/baby%20nginxatsu/README.md)|\n|5. |[baby todo or not todo](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/baby%20todo%20or%20not%20todo/README.md)|[baby WAFfles order](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/baby%20WAFfles%20order/README.md)|[BlinkerFluids](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/BlinkerFluids/README.md)|\n|6. |[Orbital](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/Orbital/README.md)|[Trapped Source](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Web/Trapped%20Source/README.md)|[Passman](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Web/Passman/README.md)|\n|7. |[SpookTastic](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Web/SpookTastic/README.md)|[CandyVault](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Web/CandyVault/README.md)|[HauntMart](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Web/HauntMart/README.md)|\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Forensics \u003c/summary\u003e\n \n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Illumination](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Illumination/README.md)|[MarketDump](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/MarketDump/README.md)|[Wrong Spooky Seasaon](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Wrong%20Spooky%20Season/README.md)|\n|2. |[Marshal in the Middle](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Marshal%20in%20the%20Middle/README.md)|[Chase](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Chase/README.md)|[Event Horizon](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Event%20Horizon/README.md)|\n|3. |[Insider](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Insider/README.md)|[Export](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Export/README.md)|[Persistence](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Persistence/README.md)|\n|4. |[No Place To Hide](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/No%20Place%20To%20Hide/README.md)|[Lure](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Lure/README.md)|[Logger](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Logger/README.md)|\n|5. |[Halloween Invitation](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Halloween%20Invitation/README.md)|[Peel Back The Layers](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Peel%20Back%20The%20Layers/README.md)|[Reminiscent](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Reminiscent/README.md)|\n|6. |[Intergalactic Recovery](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Intergalactic%20Recovery/README.md)|[Downgrade](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Downgrade/README.md)|[Automation](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Automation/README.md)|\n|7. |[Perseverance](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Perseverance/README.md)|[Deadly Arthropod](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Deadly%20Arthropod/README.md)|[Keep Tryin'](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Keep%20Tryin'/README.md)|\n|8. |[Strike Back](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Strike%20Back/README.md)|[Diagnostic](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Diagnostic/README.md)|[Fake News](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Fake%20News/README.md)|\n|9. |[POOF](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/POOF/README.md)|[Alien Cradle](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Alien%20Cradle/README.md)|[Extraterrestrial Persistence](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Extraterrestrial%20Persistence/README.md)|\n|10. |[Artifact Of Dangerous Sighting](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Artifact%20Of%20Dangerous%20Sighting/README.md)|[oBfsC4t10n2](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/oBfsC4t10n2/README.md)|[Packet Cyclone](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Forensics/Packet%20Cyclone/README.md)|\n|11. |[Scripts and Formulas](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Forensics/Scripts%20and%20Formulas/README.md)|\n\n \n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Cryptography \u003c/summary\u003e\n\n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[BabyEncryption](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Cryptography/BabyEncryption/README.md)|[xorxorxor](https://github.com/jon-brandy/hackthebox/tree/main/Categories/Cryptography/xorxorxor)|[Android in the Middle](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Cryptography/Android-in-the-Middle/README.md)|\n|2. |[Weak RSA](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Cryptography/Weak%20RSA/README.md)|[Classic, yet complicated!](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Cryptography/Classic%2C%20yet%20complicated!/README.md)|[Brainy's Cipher](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Cryptography/Brainy's%20Cipher/README.md)|\n|3. |[Gonna-Lift-Em-All](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Cryptography/Gonna-Lift-Em-All/README.md)|[Ancient Encodings](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Cryptography/Ancient%20Encodings/README.md)|[Nuclear Sale](https://github.com/Bread-Yolk/hackthebox/blob/main/Categories/Cryptography/Nuclear%20Sale/README.md)|\n\n\n\n\u003c/details\u003e\n\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Reversing \u003c/summary\u003e\n \n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Impossible Password](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Impossible%20Password/README.md)|[Bypass](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Bypass/README.md)|[Behind the Scenes](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Behind%20the%20Scenes/README.md)|\n|2. |[WIDE](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/WIDE/README.md)|[Baby RE](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Baby%20RE/README.md)|[You Cant C Me](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/You%20Cant%20C%20Me/README.md)|\n|3. |[Find The Easy Pass](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Find%20The%20Easy%20Pass/README.md)|[Baby Crypt](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Baby%20Crypt/README.md)|[Ransom](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Ransom/README.md)|\n|4. |[Anti Flag](https://github.com/Bread-Yolk/hackthebox/tree/main/Categories/Reversing/Anti%20Flag)|[Ouija](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Ouija/README.md)|[Tear Or Dear](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Tear%20Or%20Dear/README.md)|\n|5. |[Rebuilding](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Rebuilding/README.md)|[Teleport](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Teleport/README.md)|[Hunting License](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Hunting%20License/README.md)|\n|6. |[Shattered Tablet](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Reversing/Shattered%20Tablet/README.md)|||\n\n\u003c/details\u003e\n\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e OSINT \u003c/summary\u003e\n\n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Easy Phish](https://github.com/jon-brandy/hackthebox/blob/main/Categories/OSINT/Easy%20Phish/README.md)|[Infiltration](https://github.com/jon-brandy/hackthebox/blob/main/Categories/OSINT/Infiltration/README.md)|[Money Flowz](https://github.com/jon-brandy/hackthebox/blob/main/Categories/OSINT/Money%20Flowz/README.md)|\n|2. |[Missing in Action](https://github.com/jon-brandy/hackthebox/blob/main/Categories/OSINT/Missing%20in%20Action/README.md)|[ID Exposed](https://github.com/jon-brandy/hackthebox/blob/main/Categories/OSINT/ID%20Exposed/README.md)|[0ld is g0ld](https://github.com/jon-brandy/hackthebox/blob/main/Categories/OSINT/0ld%20is%20g0ld/README.md)|\n\n\n\u003c/details\u003e\n\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Mobile \u003c/summary\u003e\n\n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Cat](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Mobile/Cat/README.md)|[Don't Overreact](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Mobile/Don't%20Overreact/README.md)|[APKey](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Mobile/APKey/README.md)|\n|2. |[Pinned](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Mobile/Pinned/pinned.md)|[APKrypt](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Mobile/APKrypt/README.md)|[Manager](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Mobile/Manager/README.md)|\n|3. |[Anchored](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Mobile/Anchored/README.md)|[]()|[]()|\n\n\n\n\n\u003c/details\u003e\n\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Hardware \u003c/summary\u003e\n\n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Debugging Interface](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Hardware/Debugging%20Interface/README.md)|[Gawk](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Hardware/Gawk/README.md)|[Photon Lockdown](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Hardware/Photon%20Lockdown/README.md)|\n\n\n\u003c/details\u003e\n\n\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003e Misc \u003c/summary\u003e\n \n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Canvas](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/Canvas/README.md)|[fs0ciety](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/fs0ciety/README.md)|[Milkshake](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/Milkshake/README.md)|\n|2. |[Hackerman](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/Hackerman/README.md)|[Da Vinci](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/Da%20Vinci/README.md)|[Art](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/Art/README.md)|\n|3. |[misDIRection](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/misDIRection/README.md)|[Emdee five for life](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/Emdee%20five%20for%20life/README.md)|[The secret of a Queen](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/The%20secret%20of%20%20a%20Queen/README.md)|\n|4. |[Eternal Loop](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Misc/Eternal%20Loop/README.md)||\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003cbr\u003e\n\u003csummary\u003eBlockchain\u003c/summary\u003e\n \n|No.|Column 1|Column 2|Column 3|\n|:-:|:-------:|:-------:|:-------:|\n|1. |[Survival of the Fittest](https://github.com/jon-brandy/hackthebox/blob/main/Categories/Blockchain/Survival%20of%20the%20Fittest/README.md)|||\n \n\u003c/details\u003e\n\n\n\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjon-brandy%2Fhackthebox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjon-brandy%2Fhackthebox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjon-brandy%2Fhackthebox/lists"}