Building a realistic Purple Team lab to detect and respond to SMB uploads / Windows Admin Shares (T1021.002) using Wazuh, Sysmon, FIM and YARA-based Active Response.

Building a realistic Purple Team scenario to detect and respond to LSASS credential dumping (T1003) using Wazuh and Active Response.

Building a realistic Purple Team scenario to detect and respond to PowerShell IEX (T1059.001) with Wazuh and Active Response.

Hack The Box Academy – Penetration Tester Job Role Path Overview Between May and September 2025, I completed the Hack The Box Academy Penetration Tester Job Role Path in just under five months. T...

This machine, named Soupedecode, is an intense and highly engaging Windows challenge. It revolves around compromising a domain controller by leveraging multiple Active Directory attack vectors. Thr...

Can you bypass the login form? This machine, named Capture!, is part of TryHackMe and rated as an easy challenge. It offers a great opportunity to practice fundamental web enumeration and brute fo...

This machine is part of TryHackMe and is rated as an easy-level Linux challenge. While its rating suggests a straightforward box, TakeOver delivers a great hands-on introduction to SSL certificate ...

This machine is part of TryHackMe and is rated as an easy-level Linux challenge. Despite its rating, it offers a solid introduction to web enumeration, access control bypass, and creative client-si...

Dog is an easy-level Linux machine on Hack The Box (HTB) that provides a great introduction to source code leakage, CMS exploitation, and basic privilege escalation techniques. In this walkthrough,...

Support is an easy-level Windows machine on Hack The Box (HTB) that offers a great introduction to Active Directory exploitation, focusing on machine account manipulation, delegation abuse, and Ker...