VM

THM_Neighbour_done || THM_Lo-Fi_done || THM_Enumerating_Active_Directory_done || THM_Easy_VulnNet_Roasted_done || THM_Attacktive_Directory_done || THM_Attacking_Kerberos_done || Port_Swigger_Web shell upload via path traversal || Port_Swigger_Web shell upload via obfuscated file || Port_Swigger_Web shell upload via extension blackl || Port_Swigger_Web shell upload via Content-Type res || Port_Swigger_Visible error-based SQL injection || Port_Swigger_Using application functionality to ex || Port_Swigger_Username enumeration via subtly diffe || Port_Swigger_Username enumeration via response tim || Port_Swigger_Username enumeration via different re || Port_Swigger_Username enumeration via account lock || Port_Swigger_User role controlled by request param || Port_Swigger_User role can be modified in user pro || Port_Swigger_User ID controlled by request paramet || Port_Swigger_URL-based access control can be circu || Port_Swigger_Unprotected admin functionality || Port_Swigger_Unprotected admin functionality with || Port_Swigger_Stored XSS into HTML context with not || Port_Swigger_Stored XSS into anchor href attribute || Port_Swigger_Stored DOM XSS || Port_Swigger_SSRF with filter bypass via open redi || Port_Swigger_SSRF with blacklist-based input filte || Port_Swigger_SQL injection with filter bypass via || Port_Swigger_SQL injection vulnerability in WHERE || Port_Swigger_SQL injection vulnerability allowing || Port_Swigger_SQL injection UNION attack, retrievin || Port_Swigger_SQL injection UNION attack, retrievin-1 || Port_Swigger_SQL injection UNION attack, finding a || Port_Swigger_SQL injection UNION attack, determini || Port_Swigger_SQL injection attack, querying the da || Port_Swigger_SQL injection attack, querying the da-1 || Port_Swigger_SQL injection attack, listing the dat || Port_Swigger_SQL injection attack, listing the dat-1 || Port_Swigger_Source code disclosure via backup fil || Port_Swigger_Remote code execution via web shell u || Port_Swigger_Remote code execution via polyglot we || Port_Swigger_Reflected XSS with some SVG markup al || Port_Swigger_Reflected XSS into HTML context with || Port_Swigger_Reflected XSS into HTML context with -2 || Port_Swigger_Reflected XSS into HTML context with -1 || Port_Swigger_Reflected XSS into attribute with ang || Port_Swigger_Reflected XSS into a JavaScript strin || Port_Swigger_Reflected XSS in canonical link tag || Port_Swigger_Reflected DOM XSS || Port_Swigger_Password reset poisoning via middlewa || Port_Swigger_Password reset broken logic || Port_Swigger_Password brute-force via password cha || Port_Swigger_OS command injection, simple case || Port_Swigger_Offline password cracking || Port_Swigger_OAuth account hijacking via redirect_ || Port_Swigger_Modifying serialized objects || Port_Swigger_Modifying serialized data types || Port_Swigger_Manipulating WebSocket messages to ex || Port_Swigger_JWT authentication bypass via unverif || Port_Swigger_JWT authentication bypass via flawed || Port_Swigger_Insecure direct object references || Port_Swigger_Information disclosure on debug page || Port_Swigger_Information disclosure in version con || Port_Swigger_Information disclosure in error messa || Port_Swigger_Inconsistent security controls || Port_Swigger_High-level logic vulnerability || Port_Swigger_Forced OAuth profile linking || Port_Swigger_Flawed enforcement of business rules || Port_Swigger_Finding and exploiting an unused API || Port_Swigger_File path traversal, validation of st || Port_Swigger_File path traversal, validation of fi || Port_Swigger_File path traversal, traversal sequen || Port_Swigger_File path traversal, traversal sequen-2 || Port_Swigger_File path traversal, traversal sequen-1 || Port_Swigger_File path traversal, simple case || Port_Swigger_Exploiting XXE via image file upload || Port_Swigger_Exploiting XXE using external entitie || Port_Swigger_Exploiting XXE to perform SSRF attack || Port_Swigger_Exploiting XInclude to retrieve files || Port_Swigger_Exploiting server-side parameter poll || Port_Swigger_Exploiting NoSQL operator injection t || Port_Swigger_Exploiting NoSQL injection to extract || Port_Swigger_Exploiting Java deserialization with || Port_Swigger_Exploiting blind XXE to retrieve data || Port_Swigger_Exploiting blind XXE to exfiltrate da || Port_Swigger_Exploiting an API endpoint using docu || Port_Swigger_Exploiting a mass assignment vulnerab || Port_Swigger_Excessive trust in client-side contro || Port_Swigger_DOM XSS in jQuery selector sink using || Port_Swigger_DOM XSS in jQuery anchor href attribu || Port_Swigger_DOM XSS in innerHTML sink using sourc || Port_Swigger_DOM XSS in document.write sink using || Port_Swigger_DOM XSS in document.write sink using -1 || Port_Swigger_DOM XSS in AngularJS expression with || Port_Swigger_Detecting NoSQL injection || Port_Swigger_CSRF where token validation depends o || Port_Swigger_CSRF where token validation depends o-1 || Port_Swigger_CSRF where token is not tied to user || Port_Swigger_CSRF vulnerability with no defenses || Port_Swigger_Clickjacking with form input data pre || Port_Swigger_Brute-forcing a stay-logged-in cookie || Port_Swigger_Broken brute-force protection, IP blo || Port_Swigger_Blind XXE with out-of-band interactio || Port_Swigger_Blind XXE with out-of-band interactio-1 || Port_Swigger_Blind SSRF with out-of-band detection || Port_Swigger_Blind SQL injection with time delays || Port_Swigger_Blind SQL injection with time delays || Port_Swigger_Blind SQL injection with out-of-band || Port_Swigger_Blind SQL injection with out-of-band -1 || Port_Swigger_Blind SQL injection with conditional || Port_Swigger_Blind SQL injection with conditional -1 || Port_Swigger_Blind OS command injection with time || Port_Swigger_Blind OS command injection with outpu || Port_Swigger_Blind OS command injection with out-o || Port_Swigger_Blind OS command injection with out-o-1 || Port_Swigger_Basic SSRF against the local server || Port_Swigger_Basic SSRF against another back-end s || Port_Swigger_Basic server-side template injection || Port_Swigger_Basic server-side template injection || Port_Swigger_Basic password reset poisoning || Port_Swigger_Basic clickjacking with CSRF token pr || Port_Swigger_Authentication bypass via OAuth impli || Port_Swigger_Authentication bypass via information || Port_Swigger_Arbitrary object injection in PHP || Port_Swigger_Accidental exposure of private GraphQ || Port_Swigger_Accessing private GraphQL posts || Port_Swigger_2FA simple bypass || Port_Swigger_2FA broken logic || PG_Practice_Zipper_done || PG_Practice_Zino_done || PG_Practice_ZenPhoto_done || PG_Practice_Y0usef_done || PG_Practice_XposedAPI_done || PG_Practice_Wombo_done || PG_Practice_Wheels_done || PG_Practice_VoIP_done || PG_Practice_Vector_done || PG_Practice_Vault_done || PG_Practice_Vanity_done || PG_Practice_UC404_done || PG_Practice_Twiggy_done || PG_Practice_Tico_done || PG_Practice_Thor_done || PG_Practice_Ted_done || PG_Practice_Symbolic_done || PG_Practice_Sybaris_done || PG_Practice_Surf_done || PG_Practice_SunsetTwilight_done || PG_Practice_Squid_done || PG_Practice_Splodge_done || PG_Practice_Spaghetti_done || PG_Practice_Sorcerer_done || PG_Practice_Sona_done || PG_Practice_Snookums_done || PG_Practice_Slort_done || PG_Practice_Sirol_done || PG_Practice_Shiftdel_done || PG_Practice_Shenzi_done || PG_Practice_Scarecrow1.1_done || PG_Practice_RubyDome_done || PG_Practice_Roquefort_done || PG_Practice_Resourced_done || PG_Practice_Readys_done || PG_Practice_Quackerjack_done || PG_Practice_PyLoader_done || PG_Practice_PwnLab_done || PG_Practice_ProStore_done || PG_Practice_Press_done || PG_Practice_Postfish_done || PG_Practice_Plum_done || PG_Practice_PlanetExpress_done || PG_Practice_Peppo_done || PG_Practice_Pelican_done || PG_Practice_Pebbles_done || PG_Practice_pc_done || PG_Practice_Payday_done || PG_Practice_Nukem_done || PG_Practice_Nickel_done || PG_Practice_Nibbles_done || PG_Practice_Nappa_done || PG_Practice_Nagoya_done || PG_Practice_Medjed_done || PG_Practice_Matrimony_done || PG_Practice_Marketing_done || PG_Practice_Markers_done || PG_Practice_Maria_done || PG_Practice_Lunar_done || PG_Practice_Levram_done || PG_Practice_LazySysAdmin_done || PG_Practice_law_done || PG_Practice_JISCTF_done || PG_Practice_Jacko_done || PG_Practice_Internal_done || PG_Practice_Image_done || PG_Practice_Hutch_done || PG_Practice_Hunit_done || PG_Practice_Hub_done || PG_Practice_Hetemit_done || PG_Practice_Helpdesk_done || PG_Practice_Heist_done || PG_Practice_HAWordy_done || PG_Practice_GLPI_done || PG_Practice_GitRoot_done || PG_Practice_Geisha_done || PG_Practice_Fractal_done || PG_Practice_Fowsniff_done || PG_Practice_Flimsy_done || PG_Practice_Flasky_done || PG_Practice_Fanatastic_done || PG_Practice_Fail_done || PG_Practice_Extplorer_done || PG_Practice_Exghost_done || PG_Practice_Exfiltrated_done || PG_Practice_ERP_done || PG_Practice_DVR4_done || PG_Practice_Dibble_done || PG_Practice_DepthB2R_done || PG_Practice_Deception_done || PG_Practice_DC5_done || PG_Practice_CTF-200-08_done || PG_Practice_CTF-200-07_done || PG_Practice_CTF-200-06_done || PG_Practice_CTF-200-05_done || PG_Practice_CTF-200-04_done || PG_Practice_CTF-200-01_done || PG_Practice_Crane_done || PG_Practice_Craft2_done || PG_Practice_Covfefe_done || PG_Practice_Codo_done || PG_Practice_Cockpit_done || PG_Practice_Clue_done || PG_Practice_ClamAV_done || PG_Practice_Chatty_done || PG_Practice_Catto_done || PG_Practice_Cassios_done || PG_Practice_bullyBox_done || PG_Practice_BrokenGallery_done || PG_Practice_Bratarina_done || PG_Practice_BossPlayersCTF_done || PG_Practice_Boolean_done || PG_Practice_BlackGate_done || PG_Practice_Billyboss_done || PG_Practice_Astronaut_done || PG_Practice_Assignment_done || PG_Practice_Apex_done || PG_Practice_Algernon_done || PG_Play_Vegeta1_done || PG_Play_Tre_done || PG_Play_SunsetNoontide_done || PG_Play_SunsetMidnight_done || PG_Play_SunsetDecoy_done || PG_Play_Sumo_done || PG_Play_Stapler_done || PG_Play_SoSimple_done || PG_Play_Solstice_done || PG_Play_Shakabrah_done || PG_Play_Seppuku_done || PG_Play_Sar_done || PG_Play_PyExp_done || PG_Play_Pwned1_done || PG_Play_Potato_done || PG_Play_Photographer_done || PG_Play_OnSystemShellDredd_done || PG_Play_NoName_done || PG_Play_My-CMSMS_done || PG_Play_Monitoring_done || PG_Play_Moneybox_done || PG_Play_Loly_done || PG_Play_Lampiao_done || PG_Play_Katana_done || PG_Play_InsanityHosting_done || PG_Play_InfosecPrep_done || PG_Play_Inclusiveness_done || PG_Play_ICMP_done || PG_Play_Ha-natraj_done || PG_Play_GlasgowSmile_done || PG_Play_Gaara_done || PG_Play_Funbox_done || PG_Play_FunboxRookie_done || PG_Play_FunboxEasy_done || PG_Play_FunboxEasyEnum_done || PG_Play_EvilBox-One_done || PG_Play_Empire-breakout_done || PG_Play_Election1_done || PG_Play_DriftingBlue6_done || PG_Play_Djinn3_done || PG_Play_DC-9_done || PG_Play_DC-1_done || PG_Play_Dawn_done || PG_Play_CyberSploit1_done || PG_Play_BTRSys2.1_done || PG_Play_Blogger_done || PG_Play_BBSCute_done || PG_Play_Assertion101_done || PG_Play_Amaterasu_done || Azure Cloud Red Teaming || AWS Cloud Red Teaming_done || HTB_Validation_done || HTB_Timelapse_done || HTB_Support_done || HTB_StreamIO_done || HTB_Soccer_done || HTB_Shoppy_done || HTB_Sea_done || HTB_ScriptKiddie_done || HTB_Sau_done || HTB_Sauna_done || HTB_Return_done || HTB_Precious_done || HTB_Pilgrimage_done || HTB_Photobomb_done || HTB_Pandora_done || HTB_OpenAdmin_done || HTB_Nibbles_done || HTB_Networked_done || HTB_Netmon_done || HTB_Monteverde_done || HTB_Manager_done || HTB_Mailing_done || HTB_Magic_done || HTB_Love_done || HTB_Lame_done || HTB_Laboratory_done || HTB_Knife_done || HTB_Keeper_done || HTB_Jerry_done || HTB_Jeeves_done || HTB_Intelligence_done || HTB_Help_done || HTB_Headless_done || HTB_Forest_done || HTB_Escape_done || HTB_Editorial_done || HTB_Doctor_done || HTB_CozyHosting_done || HTB_Codify_done || HTB_Cicada_done || HTB_Cascade_done || HTB_Cap_done || HTB_Busqueda_done || HTB_Buff_done || HTB_Broker_done || HTB_BoardLight_done || HTB_Blunder_done || HTB_Blackfield_done || HTB_Backdoor_done || HTB_Atom_done || HTB_Arctic_done || HTB_Aero_done || HTB_Administrator_done || HTB_Active_done || HTB_Access_done || HTB_Academy_done || CRTA_done ||