A compilation of solutions and various notes for the HackThisSite.org pentesting challenges, intended to be accurate as of 2Q 2019.
Please note the following restrictions and caveats. Please read them in full. Continuing to read or interact with this repo in any manner signifies consent to these terms.
- This guide is not comprehensive by any means. I'm mostly just uploading my notes as I get to each exercise, and I have no real intention to complete all challenges. It's all for fun, as things like this should be.
- I try to put names in "quotes", URLs and URL parameters in bold, and commands and code as
code
. If you need to input custom data, I put what you need to replace in [brackets]. - Please try and attempt each challenge before referencing my notes. It will be more difficult and take longer, but you'll learn much more.
- Don't use my text or my particular solutions in any other forms of media, or attempt to pass off anything I write here as your own. I understand that solutions are often done in a similar manner as what I put here, so I understand that the commands and tools you use may be the same as mine. That's fine. Just don't copy my other notes or stuff that is clearly generated by me.
- These notes should be for personal use only. Educational, commercial, or governmental use is expressly prohibited without my written consent.
- Don't use any of this for illegal purposes. I understand that not all IT security people feel the need to stay white-hat. However, I myself am purely white-hat, and I expect you to be the same. Don't use my notes - or the skills you learn by using my solutions - for anything that could even be concievably mistaken as illegal activity. If you wouldn't do it in front of an FBI agent or your mom, don't do it at all. I will go out of my way to help law enforcement if they reach out to me about something I post here.
Any questions, comments, concerns? Let me know. Have fun!
-Mark
Twitter: @keewenaw