Linux machine demonstrating Python eval command injection, credential reuse, Docker configuration disclosure, and sudo script abuse.

Linux machine demonstrating Metabase pre-auth RCE, Docker environment credential disclosure, and OverlayFS kernel exploitation.

Linux machine demonstrating Apache ActiveMQ CVE-2023-46604 exploitation and sudo nginx abuse for root access.

Active Directory machine demonstrating MSSQL abuse leading to credential leakage and AD CS certificate abuse for full domain compromise.

Active Directory machine demonstrating exposed SMB data, credential reuse, and Backup Operators abuse to dump domain hashes.

Active Directory machine demonstrating anonymous LDAP enumeration, AS-REP Roasting, nested group abuse, and DCSync-based domain compromise.

Active Directory machine demonstrating LDAP credential capture through a printer admin panel, WinRM access, and Server Operators abuse leading to DCSync.

Active Directory machine demonstrating AS-REP Roasting, BloodHound-driven lateral movement, LSASS credential extraction, and Backup Operators abuse.

Active Directory machine demonstrating NTLM hash capture, SMB abuse, password reuse, IIS pivoting, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating exposed SMB backups, certificate-based WinRM access, PowerShell history credential discovery, and LAPS abuse.