Techniques
Attack techniques and exploitation methods documented across 16 HTB Starting Point writeups. Browse by technique to find machines that share the same attack vector.
Cross-reference index of exploitation techniques used across all writeups.
Each technique links to every machine where it appears, with brief context on how it was applied.
API Exposure
1 machine
Directory Busting
5 machines
DNS Zone Transfer
1 machine
FTP Anonymous
2 machines
FTP Brute-force
1 machine
Groovy RCE
1 machine
IDOR
1 machine
Jenkins RCE
1 machine
LFI → RCE
1 machine
LFI + Responder
1 machine
Log4Shell
1 machine
Lua Injection
1 machine
Magento CVE
1 machine
MongoDB No-Auth
1 machine
MSSQL RCE
2 machines
NoSQL Enum
1 machine
PostgreSQL Tunnel
1 machine
PHP Type Juggling
1 machine
RDP
1 machine
Redis
1 machine
Rsync
1 machine
Scheduled Task Abuse
1 machine
Session Hijack
1 machine
SMB Anonymous
1 machine
SMB Null Session
2 machines
SQL Injection
2 machines
SQLi Auth Bypass
1 machine
SSTI
1 machine
Stored XSS
1 machine
Sudo Abuse
2 machines
SUID Privesc
1 machine
Telnet
1 machine
TFTP Upload
1 machine
Web RCE
1 machine
Webshell RFI
1 machine
XXE File Read
1 machine