how insecure FTP configurations, overly permissive NFS exports, and poorly coded set-UID scripts can be chained together to achieve full system compromise.

Pyrat room is a beginner-friendly Capture The Flag (CTF) challenge focused on exploiting a vulnerable Python-based web application. The machine hosts a Python interpreter over a raw TCP connection,...

This room teaches how to bypass PHP disabled functions, commonly used in Web CTFs and real-world restricted environments.

Hack this machine and get the flag. There are lots of hints along the way and is perfect for beginners!

A detailed walkthrough of the Cheese CTF challenge, covering reconnaissance, enumeration, exploitation, and privilege escalation.

This room uses the Juice Shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities.

Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks.

This is a machine that allows you to practise web app hacking and privilege escalation

Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.

Pickle Rick is a fun beginner-level TryHackMe room where you help Rick gain access to a server and find ingredients to turn himself back into a human. It teaches basic Linux enumeration, file permi...