Topic
145 articles
Walkthroughs
Step-by-step HackTheBox machine writeups, Pro Labs, Fortresses and exam-lab walkthroughs — full recon, exploitation and privilege …
Topic
57 articles
Web Hacking
Hands-on web exploitation — SQLi, XSS, SSRF, XXE, SSTI, request smuggling and the full OWASP Top 10.
Topic
42 articles
AI/LLM Security
LLM and ML security — prompt injection, jailbreaks, RAG attacks, adversarial ML and AI red teaming.
Topic
34 articles
Active Directory
Attacking and defending Active Directory — Kerberoasting, ADCS, delegation, ACL abuse, BloodHound, trusts and persistence.
Topic
32 articles
Red Team
Adversary simulation — C2, phishing, initial access, AV/EDR evasion, lateral movement and persistence.
Topic
25 articles
Mobile Security
Android and iOS pentesting — Frida, APK/IPA reverse engineering, SSL pinning bypass and insecure storage.
Topic
25 articles
Reverse Engineering
Binary analysis and exploit dev — Ghidra/IDA, x86 assembly, ROP, fuzzing and packed-binary unpacking.
Topic
22 articles
Network Security
Network attack and defence — ARP/DHCP/VLAN abuse, MITM, pivoting, Wi-Fi, BLE, SNMP and SMB.
Topic
21 articles
API Security
API pentesting — REST, GraphQL and gRPC, the OWASP API Top 10, BOLA/BFLA, webhooks and gateways.
Topic
13 articles
Checklist
Field-ready pentest checklists turned into step-by-step "how to test" guides — for every item: the scenario, the real co…
Topic
9 articles
Pro Labs
Multi-host HackTheBox Pro Lab walkthroughs — full enterprise-network compromise across forests and flags.
Topic
8 articles
Cloud Security
Cloud attack paths — AWS, Azure and GCP IAM, Kubernetes, container escapes and CI/CD pipeline abuse.
Topic
6 articles
Tools & Scripts
Security tooling and automation — custom scripts and exploits for recon, exploitation and post-exploitation.
Topic
6 articles
Privilege Escalation
Linux and Windows privilege escalation — misconfigs, SUID, kernel exploits, token abuse and weak services.
Topic
4 articles
Fortress
HackTheBox Fortress walkthroughs — multi-flag vendor challenge labs spanning web, binary, crypto and more.
Topic
3 articles
OSINT
Open-source intelligence — target profiling, breach data, dark-web monitoring and OSINT tooling.
Topic
3 articles
Certifications
Exam reviews and prep guides — OSCP, CPTS, CWEE and more, with strategy, lab notes and real exam experience.
Topic
2 articles
Malware Analysis
Static and dynamic malware analysis — unpacking, behavioural sandboxing, RE and indicators of compromise.
Topic
2 articles
Cryptography
Ciphers, hashing and crypto attacks — padding oracles, hash cracking, RSA flaws and TLS weaknesses.