HackThebox - Sizzle
Sizzle is an ADCS box where we will explore how to make a "scf file" attack, generate a certificate via certsrv, bypass CLM & AppLocker, Kerberoasting + DCSync
HackTheBox - Shibboleth
Shibboleth is a very realistic box simulating several services used in companies such as ZABBIX, BMC, IPMI, ... and a CVE present on mariaDB
HackTheBox - Monitors
Monitors is a hard box on which we will browse several web operations like LFI, SQLI and Java Deserialization but also break a container via a sys_module cap on linux.
Reel2 is a windows box, we will see how to do password spraying on an OWA, a simple but effective phishing technique, Bypass JEA, and to abuse a LFI in a JEA function