hashcat

Linux machine demonstrating Jenkins CLI arbitrary file read, Jenkins user hash extraction, credential cracking, and SSH key abuse for root access.

Active Directory machine demonstrating MSSQL abuse leading to credential leakage and AD CS certificate abuse for full domain compromise.

Active Directory machine demonstrating anonymous LDAP enumeration, AS-REP Roasting, nested group abuse, and DCSync-based domain compromise.

Active Directory machine demonstrating AS-REP Roasting, BloodHound-driven lateral movement, LSASS credential extraction, and Backup Operators abuse.

Active Directory machine demonstrating NTLM hash capture, SMB abuse, password reuse, IIS pivoting, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating username generation, AS-REP Roasting, AutoLogon credential discovery, and DCSync-based domain compromise.

Classic Active Directory machine demonstrating GPP credential exposure leading to Kerberoasting and domain compromise.

Linux machine demonstrating Grafana arbitrary file read, Grafana credential cracking, SSH access, and Docker privileged container abuse.

Linux machine demonstrating anonymous rsync access, salted MD5 cracking, FTP-based SSH key placement, password reuse, and cronjob abuse.