Vulnerable Platforms

Investing time on the topics listed below may be very useful and very interesting.

It is certainly very dangerous for a student whose priority is to pass exams, though.

Keep track of your time carefully.

Learning labs

There are many platforms on the web for learning and practicing attack skills, at various complexity levels. Some of them are free, some others require paid subscriptions.

• Tryhackme
• Hack The Box
• Vulnhub Labs
• Vulnlab
• Root-me
• Vulhub (vulhub, not vulnhub). This is a Github repository of vulnerable docker environments to be run on a local PC.

Writeups

You might want to search on the web writeups specific to some of the vulnerable VMs available. A writeup is a written summary of the steps taken for attacking a certain VM. In many cases reading such writeups provides an interesting and useful learning experience.

Reading such writeups may often be complex and frustrating, however: they are often written with a very concise style, assuming that the reader is an expert; there are many technical details very important in practice but irrelevant for understanding the underlying problem.

• Vulnhub-CTF-Writeups This cheatsheet is aimed at beginners to help them sort Vulnhub Labs. This list contains all the writeups available.
• Hack the Box Write-ups A collection of write-ups and walkthroughs of my adventures on Hack the Box.
• Large collection of writeups for VMs on Tryhackme, Hack The Box, Vulnhub, Vulnlabs and other platforms.
• Metasploitable 3: Ubuntu walkthrough and Windows walkthrough.