CTF Practice Boxes to Finish Prior to OSCP 2022

This list was created (as best I know) by TJ Null at netsecfocus.com.

I’m posting it here as a (public) checklist so that hopefully I actually do them (because everyone can see if I’m lazy). I found this on a Google doc spreadsheet on Reddit and do not actually have OSCP so don’t blame me if this doesn’t cover everything.. although there are enough boxes listed that I’m sure it will. I’m also posting this to hopefully motivate me to do writeups from my notes. Boxes that I’ve completed with a manual exploitation method (that’s legal for OSCP) are listed at the bottom of each category with a link to the writeup. If there’s no link, I haven’t done a writeup yet But Will Soon ™.

Hack the Box:
Linux Boxes:
[ ] Brainfuck
[ ] Beep
[ ] Cronos
[ ] Nineveh
[ ] Sense
[ ] Solidstate
[ ] Node
[ ] Valentine
[ ] Poison
[ ] Sunday
[ ] Tartarsauce
[ ] Irked
[ ] Friendzone
[ ] Swagshop
[ ] Networked
[ ] Jarvis
[ ] Mirai
[ ] Popcorn
[ ] Haircut
[ ] Blocky
[ ] Frolic
[ ] Postman
[ ] Mango
[ ] Traverxec
[ ] OpenAdmin
[ ] Magic
[ ] Admirer
[ ] Blunder
[ ] Tabby
[ ] Doctor
[ ] SneakyMailer
[ ] Passage
[ ] Luanne
[ ] Time
[ ] Ready
[ ] Delivery
[ ] Ophiuchi
[ ] ScriptKiddie
[ ] Armageddon
[ ] Pit
[ ] Seal
[ ] Forge
[ ] Horizontall
[ ] Shibboleth
[ ] Precise
[ ] Writer
[x] Lame
[x] Previse
[x] Knife
[x] Shocker
[x] Bashed
[x] Nibbles

Windows Boxes:
[ ] Granny
[ ] Grandpa
[ ] Silo
[ ] Bounty
[ ] Jerry
[ ] Conceal
[ ] Chatterbox
[ ] BankRobber
[ ] Buff
[ ] Servmon
[ ] Active
[ ] Remote
[ ] Fuse
[ ] Omni
[ ] Worker
[ ] Love
[ ] Intelligence
[ ] APT
[ ] Object
[x] Legacy
[x] Blue
[X] Devel
[x] Bastard
[x] Secnotes
[x] Bastion
[x] Arctic
[x] Forest
[x] Optimum

More challenging than OSCP, but good practice:
[ ] Bart [Windows]
[ ] Tally [Windows]
[ ] Kotarak [Linux]
[ ] Falafel [Linux]
[ ] Devops [Linux]
[ ] Hawk [Linux]
[ ] Netmon [Windows]
[ ] Lightweight [Linux]
[ ] La Casa De Papel [Linux]
[ ] Jail [Linux]
[ ] Safe [Linux]
[ ] Bitlab [Linux]
[ ] Sizzle [Windows]
[ ] Sniper [Windows]
[ ] Control [Windows]
[ ] October [Linux]
[ ] Mango [Linux]
[ ] Nest [Windows]
[ ] Book [Linux]
[ ] Sauna [Windows]
[ ] Cascade [Windows]
[ ] Quick [Linux]
[ ] BlackField [Windows]
[ ] APT [Windows]
[ ] Atom [Windows]
[ ] BreadCrumbs [Windows]
[ ] Monitors [Linux]
[ ] Dynstr [Linux]
[ ] PivotAPI [Windows]
[ ] Pikaboo [Linux]
[ ] Monteverde [Windows]
[ ] Writer [Linux]
[ ] Forge [Linux]
[ ] Stacked [Linux]
[x] Jeeves [Windows]
[x] Querier [Windows]

Proving Grounds List:
Linux:
[ ] ClamAV
[ ] Wombo
[ ] Payday
[ ] Fail
[ ] Nibbles
[ ] Banzai
[ ] Hunit
[ ] Dibble
[ ] Zino
[ ] Hetemit
[ ] Peppo
[ ] Postfish
[ ] Malbec
[ ] Sybaris
[ ] Hawat
[ ] Fail
[ ] ZenPhoto
[ ] Readys
[ ] Nukem
[ ] Sorcerer
[ ] Walla
[ ] Pelican
[ ] Snookums

Windows:
[ ] Nickel
[ ] Slort
[ ] Authby
[ ] Jacko
[ ] MeatHead
[ ] UT99
[ ] MedJed
[ ] Algeron
[ ] Billyboss
[ ] Butch
[ ] Kevin
[ ] Metallus
[ ] Hutch
[ ] Heist
[ ] Vault
[ ] Shenzi
[ ] UT99
[ ] DVR4
[ ] Craft
[ ] Hepet

Leave a Reply