Writeup for the "Titanic" machine on HackTheBox. It involves exploiting LFI to discover sensitive Gitea configuration and database files, cracking PBKDF2 hashes for SSH access, and escalating privileges via a shared library injection in ImageMagick (CVE-2024-41817).

Walkthrough of the "Jerry" machine on HackTheBox. It involves brute-forcing Tomcat Manager credentials, deploying a WAR reverse shell, and retrieving both user and root flags from a Windows system.

Writeup for the "Nibbles" machine on HackTheBox. It involves discovering a vulnerable Nibbleblog CMS, exploiting it via Metasploit for initial access, and escalating privileges by abusing a writable script with sudo rights.