You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: fortresses/README.md
+1Lines changed: 1 addition & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -106,6 +106,7 @@ The fourth company-created fortress on HTB. Created by Synacktiv, a well-known F
106
106
Created by Amazon Web Services to showcase cloud security concepts. Features realistic techniques ranging from web exploitation to cloud privilege escalations for services used by thousands of businesses. Available to Hacker rank and above.
Copy file name to clipboardExpand all lines: prolabs/README.md
+6Lines changed: 6 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -21,6 +21,7 @@ permalink: /prolabs/
21
21
-**Subnet 2 (172.16.2.0/24):** Internal network requiring pivoting through bastion host
22
22
23
23
### Known Machines
24
+
24
25
| Machine | Role | Key Techniques |
25
26
|---------|------|----------------|
26
27
| DANTE-WEB-NIX01 | Web server (entry point) | Web exploitation, initial foothold |
@@ -65,6 +66,7 @@ permalink: /prolabs/
65
66
-**4 Active Directory Domains:** Multi-domain forest with trust relationships
66
67
67
68
### Techniques Covered
69
+
68
70
| Category | Specific Techniques |
69
71
|----------|-------------------|
70
72
| Web Exploitation | PHP RFI, CMS exploitation, web shells |
@@ -101,6 +103,7 @@ permalink: /prolabs/
101
103
Created by Rastamouse (creator of CRTO certification). Simulates a realistic corporate environment where all systems are reasonably patched, forcing reliance on misconfigurations and AD weaknesses rather than CVEs.
102
104
103
105
### Techniques Covered
106
+
104
107
| Category | Specific Techniques |
105
108
|----------|-------------------|
106
109
| Initial Access | Phishing campaigns, OSINT on company info |
@@ -142,6 +145,7 @@ Created by Rastamouse (creator of CRTO certification). Simulates a realistic cor
142
145
- Each domain has corresponding servers and workstations
143
146
144
147
### Techniques Covered
148
+
145
149
| Category | Specific Techniques |
146
150
|----------|-------------------|
147
151
| AD Enumeration | BloodHound, domain trust mapping |
@@ -177,6 +181,7 @@ Created by Rastamouse (creator of CRTO certification). Simulates a realistic cor
177
181
Immersive enterprise AD environment with advanced infrastructure and strong security posture. Systems are fully patched with hardened OS configurations. AV catches default payloads.
@@ -209,6 +214,7 @@ Immersive enterprise AD environment with advanced infrastructure and strong secu
209
214
The most challenging ProLab. Simulates a targeted attack by an external threat agent against a Managed Service Provider (MSP). No CVEs are needed - all attacks exploit misconfigurations and trust relationships. Requires C2 framework usage (Cobalt Strike recommended).
0 commit comments