HTB Heist machine walkthrough. Credential harvesting and spraying, dumping a running process to capture further credentials and a final credential spray to get Administrator access.
HTB Chainsaw machine walkthrough. Anonymous ftp connections, smart contract abuse, InterPlanetary File System and cracked password protected ssh private keys for user pivot. A loosely defined SUID file and PATH hijacking for root shell then finally leveraging root.txt's slack space to get the final flag.
HTB Networked machine walkthrough. Generally discussed as the easiest of the active boxes at time of retirement there is nothing particularly complex with getting to root.
HTB Jarvis machine walkthrough. Jarvis involved a SQL Injection and a web-shell for initial foothold into sudo and filter bypass to User pivot with a final systemctl abuse to pivot into root.
HTB Haystack machine walkthrough. A particularly well designed ELK (Elasticsearch, Logstash, Kibana) based machine offering a chance to dig into the full logging stack.
HTB Safe machine walkthrough. A contentious box from HTB requiring a custom developed ROP (return-oriented programming) exploit tied into cracking a KeepPass database.