HTB_Cap Security Assessment – Exploitation of Insecure Direct Object Reference (IDOR) leading to privilege escalation via Linux capabilities.
-
Updated
Jul 5, 2026 - Shell
HTB_Cap Security Assessment – Exploitation of Insecure Direct Object Reference (IDOR) leading to privilege escalation via Linux capabilities.
HTB_Fawn Security Assessment – Exploitation of Anonymous FTP Login (vsftpd 3.0.3) leading to root flag extraction. Mapped to MITRE ATT&CK (T1078, T1213) and NSA D3FEND (D3-FUAC) with a complete remediation roadmap.
HTB_Nexus Penetration Test Report – Comprehensive security assessment documenting credential leakage from Gitea, CVE-2026-38526 exploitation in Krayin CRM, and privilege escalation via Gitea template sync directory traversal. Mapped to MITRE ATT&CK and NSA D3FEND frameworks with actionable remediation roadmap and full evidence appendix.
HTB_Enigma Security Assessment – Full pentest completed, chaining NFS disclosure, IMAPS password reuse, and OS Command Injection in OpenSTAManager (CVE-2025-69212) through to root via a misconfigured OliveTin service. Full report and evidence appendix to be published once permitted by HTB's active-machine policy.
Add a description, image, and links to the pentnote topic page so that developers can more easily learn about it.
To associate your repository with the pentnote topic, visit your repo's landing page and select "manage topics."