Cybersecurity Portfolio: Technical Write-ups 🛡️

Welcome to my security research and CTF repository. This space is dedicated to documenting the exploitation and remediation of various machines from platforms like DockerLabs, HackTheBox, and HackersLabs.

The primary focus is to demonstrate a structured, professional methodology in Penetration Testing and Vulnerability Assessment.

🛠️ Technical Stack & Tools

Category	Tools
Reconnaissance	`Nmap`, `Arp-scan`, `Gobuster`, `WPScan`, `Wappalyzer`
Exploitation	`Burp Suite`, `Netcat`, `Metasploit`, `Exploit-DB`
Privilege Escalation	`LinPEAS`, `GTFOBins`, `Sudo Hijacking` `CVE-2025-4517`
Scripting	`Python`, `Bash`, `PHP`

📖 Methodology

Every write-up in this repository follows a standardized 4-step process to ensure clarity and technical depth:

Reconnaissance: High-speed scanning and service fingerprinting.
Enumeration: Deep diving into web directories, CMS versions, and database services.
Foothold: Identification of entry-point vulnerabilities (CVEs, misconfigurations).
Privilege Escalation: Internal enumeration to move from low-privilege users to Root/System.
Remediation: Implementation of hardening measures and security patches.

🚀 Featured Write-ups

Machine	Platform	Difficulty	Key Vulnerabilities & Techniques
ChocolateLovers	DockerLabs	Easy	CVE-2015-6967 (RCE), Sudoers Hijacking, Cronjob Exploitation
Fruits	HackersLabs	Easy	Local File Inclusion (LFI), SSH Brute Force, Sudo find (GTFOBins)
Microchoft	HackersLabs	Easy	MS17-010 (EternalBlue), SMB Exploitation, Metasploit
Grillo	HackersLabs	Easy	Info Disclosure, SSH Brute Force, Sudo Puttygen Hijacking
Mortadela	HackersLabs	Easy	MySQL Brute Force, CVE-2023-32784 (KeePass Memory Leak), Custom Python Scripting
ZapasGuapas	HackersLabs	Easy	OS Command Injection, ZIP Cracking, Sudo apt/aws Shell Escapes
Cyberpunk	HackersLabs	Easy	Anonymous FTP, Brainfuck Deciphering, Python Library Hijacking
Papafrita	HackersLabs	Easy	Source Code Analysis, Brainfuck Obfuscation, Sudo Node.js Escape
Yuan112	HackMyVM	Easy	XML External Entity (XXE), Python Brute-force Scripting, Arbitrary File Write
Academy	HackersLabs	Easy	WordPress Brute Force, Bitfile Manager RCE, Privilege Escalation via Cron
SalYAzucar	HackersLabs	Easy	SSH Brute Force, Sudo base64 Abuse (GTFOBins), SSH Key Cracking
PizzaHot	HackersLabs	Easy	Information Disclosure, SSH Brute Force, Sudo gcc/man Shell Escapes (GTFOBins)
Decrypt	HackersLabs	Easy	Information Disclosure, Brainfuck Decoding, KeePass Cracking, Sudo chown Abuse (GTFOBins)
FindMe	HackersLabs	Easy	Anonymous FTP Information Disclosure, Brute Force Attack, Jenkins RCE, SUID PHP Abuse (GTFOBins)
Facts	HackTheBox	Easy	soon
WingData	HackTheBox	Easy	soon

👤 About Me

I am a cybersecurity enthusiast focused on offensive security and system hardening. Currently developing my skills in web application security and Linux environments.

LinkedIn: Daniel Fernandez-Pello San Román

Disclaimer: All activities were performed in controlled, authorized environments for educational purposes only.

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
DockerLabs/Easy-Faciles		DockerLabs/Easy-Faciles
HackMyVM/Easy-Faciles		HackMyVM/Easy-Faciles
HackersLabs/Easy-Faciles		HackersLabs/Easy-Faciles
OverTheWire		OverTheWire
images		images
.gitignore		.gitignore
README.md		README.md
_config.yml		_config.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Cybersecurity Portfolio: Technical Write-ups 🛡️

🛠️ Technical Stack & Tools

📖 Methodology

🚀 Featured Write-ups

👤 About Me

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Folders and files

Latest commit

History

Repository files navigation

Cybersecurity Portfolio: Technical Write-ups 🛡️

🛠️ Technical Stack & Tools

📖 Methodology

🚀 Featured Write-ups

👤 About Me

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Packages