Calm-Ay/hackthebox-writeups

# Hack The Box — Penetration Tester Writeups **Author:** Rasaq Ayomide (Calm Ay) **Profile:** [calm-ay.github.io](https://calm-ay.github.io) · [LinkedIn](https://www.linkedin.com/in/rasaq-ayomide-sec) · [GitHub](https://github.com/Calm-Ay) Real Hack The Box lab walkthroughs documenting reconnaissance, exploitation, privilege escalation, and key takeaways. Every writeup reflects actual hands-on work — not copied solutions. ## Writeups | # | Lab | Difficulty | Topics | Writeup | |---|-----|-----------|--------|---------| | 01 | HTB Academy — Getting Started | Beginner | Nmap, WPScan, Path Traversal, Privilege Escalation | [PDF](./HTB_GettingStarted_Writeup.pdf) | | 02 | HTB — Nibbles | Easy | Nmap, NibbleBlog CMS, File Upload RCE, Sudo Privesc, Metasploit | [PDF](./HTB_Nibbles_Writeup.pdf) | | 03 | HTB Academy — Knowledge Check | Beginner | GetSimple CMS, CSRF Bypass, Theme Editor RCE, GTFOBins PHP | [PDF](./HTB_KnowledgeCheck_Writeup.pdf) | | 04 | HTB Academy — Network Enumeration with Nmap | Beginner | Host Discovery, Port Scanning, NSE, Service Enumeration, IDS/IPS Evasion | [PDF](./HTB_Nmap_Module_Writeup.pdf) | ## Resources | Resource | Description | File | |----------|-------------|------| | Web Pentesting Methodology Checklist v2.0 | Updated with Nmap module — Host Discovery, TCP/UDP Scanning, Banner Grabbing, NSE, IDS/IPS Evasion, 6 phases | [PDF](./HTB_Pentesting_Methodology_Checklist_v2.pdf) | | Web Pentesting Methodology Checklist v1.0 | Original from Getting Started module — Recon, Web Enum, Exploit Discovery, Foothold, PrivEsc | [PDF](./HTB_Pentesting_Methodology_Checklist.pdf) | ## Skills Demonstrated - Full-port Nmap scanning and service fingerprinting - WordPress and CMS enumeration (WPScan, whatweb, searchsploit) - Public exploit discovery with searchsploit (Exploit-DB) - Unauthenticated path traversal exploitation (EDB-39883) - File upload RCE via CMS plugin vulnerability (NibbleBlog) - CSRF token bypass via automated nonce extraction - Theme editor PHP webshell injection (GetSimple CMS) - Linux privilege escalation via sudo misconfiguration - GTFOBins PHP privilege escalation - SSH private key exploitation - Metasploit for rapid exploitation *More writeups added as labs are completed.*

标签：后端开发