Welcome!

I am currently in the process of studying to complete the OSCP (Offensive Security Certified Professional) course and exam. While gearing up for this experience I had been utilizing tools like OneNote and Obsidian to document my progress, but also realized that I should be publishing them to the web in order to submit my write-ups to various sites (e.g. @hackthebox, @tryhackme, etc). This was my first foray into web hosting and web design, even the process of putting this together was a learning experience.

My hope is that this site will provide some educational material for those working through these various CTF challenges, while also serving as a reference for myself and others. Outside of that, it will also serve as a good way for me to practice collating legible write-ups and walkthroughs to simulate actual engagements. While I understand that ‘real world’ engagements are completely separate from CTF challenges, there is some correlation in regards to how information is presented and findings are accurately/legibly demonstrated in written form.

What is Hack The Box?

Hack the Box is a service that allows you to practice penetration testing skills. They typically release ‘Live Arena’ machines each month that focus on new attack vectors or vulnerabilities that any cybersecurity professional should be aware of. Once you have access to the site, you can connect to their VPN and interact with these ‘boxes’, attempting to break into them. There are other exercises outside of the Capture the Flag (CTF) format, but for OSCP, these are the ones I will be focusing on. We’ll be going through all of the boxes mentioned in TJ Null’s OSCP Like spreadsheet. I’ll include links to other resources like IPPSEC’s walkthroughs as we go.

There are an @ghohsty youtube and @ghohsty instagram profile out there that are not mine.