After this lesson, you will be able to: Use Wireshark + Nmap NSE and complete a full CTF machine end-to-end.
This lesson is hands-on: complete a HackTheBox easy/medium machine from recon to root, narrating every decision. Plus Wireshark for protocol-level investigation and Nmap NSE for advanced scripting.
Capture filters (`tcp port 80`) reduce noise. Display filters (`http.request.method == POST`) find specific events. Follow TCP Stream re-assembles a full conversation. Saving captures: .pcap.
Nmap Scripting Engine extends Nmap with vuln checks:
# Vulnerability scriptsnmap --script vuln 10.10.10.10# Specific servicenmap -sV --script smb-vuln* 10.10.10.10# Default + safe scriptsnmap -sC -sV 10.10.10.10
1. Don't rabbit-hole, if a path is dry after 30 min, switch.
2. Enumerate ALL services before exploiting any.
3. Every found credential gets reused everywhere.
4. Write notes as you go (CherryTree, Obsidian).
5. Stuck? Use the room's 'official walkthrough' AS LAST RESORT.
Sign in and purchase access to unlock this lesson.