Hack The Box Write-ups


Hack The Box is a massive, online cybersecurity training platform, allowing individuals, companies, universities and all kinds of organizations around the world to level up their hacking skills.

Note: According to Hack The Box writeups guidelines and Terms of Service, only Retired Content will be described here.

Active Directory

The following machines mainly focus on Active Directory exploitation. Most of them have realistic scenarios that could be applied in real world penetration tests.

Write-up Difficulty Topics
Forest EASY WinRM, ASREPRoast, Cracking, Bloodhound
Sauna EASY WinRM, ASREPRoast, Cracking
Active EASY WinRM, Kerberoasting, GPP
Resolute MEDIUM Metasploit, Cleartext Credentials
Cascade MEDIUM Cryptography, Reverse Engineering, SQL
Intelligence MEDIUM GMSA, DNS, Cracking, Bloodhound
Monteverde MEDIUM Bloodhound, Enumeration, Azure
StreamIO MEDIUM RFI, SQLi, Web, LAPS
Blackfield HARD ASREPRoast, Token Abuse, SMB, LSASS
Reel HARD Phishing, AppLocker, PowerShell, Metasploit
Mantis HARD Web, SQL, CVE, Kerberos
Search HARD PowerShell, Enumeration, GMSA
Acute HARD PowerShell, Web, Metasploit
Object HARD WinRM, Jenkins, Web, Enumeration
Sizzle INSANE Web, SCF, CLM, AppLocker
Multimaster INSANE WAF, SQLi, Reverse Engineering, ASREPRoast

Updated: