Welcome to my collection of Vulnerability Assessment and Penetration Testing (VAPT) reports and CTF walkthroughs. This repository documents my journey in ethical hacking, penetration testing, and cybersecurity challenges.
Each report includes:
- Reconnaissance steps (how I scanned and identified services)
- Exploitation process (how I gained access)
- Proof of Concept (PoC)
- Privilege escalation techniques
- Mitigation recommendations
- Lessons learned & skills practiced
- Easy/
- Hard/
- Medium/
- Easy/
- Medium/
- Easy/
- Hard/
- Medium/
- Easy/
- Medium/
| Challenge | Platform | Difficulty | Link |
|---|---|---|---|
| Vulnerability Assessment and Penetration Testing (VAPT) Report – Noxtal | CTFlearn | Easy | Open |
| Vulnerability Assessment and Penetration Testing (VAPT) Report – HTTP Header Manipulation | CTFlearn | Medium | Open |
| Vulnerability Assessment and Penetration Testing (VAPT) Report – HTTP Request Manipulation | CTFlearn | Medium | Open |
| CTFlearn Web Exploitation Labs – Detailed Walkthrough | CTFlearn | Hard | Open |
| Vulnerability Assessment and Penetration Testing (VAPT) Report – Code Injection Exploitation | CTFlearn | Hard | Open |
| 🏴 Natas Challenge - Level 1 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 13 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 14 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 0 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 10 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 11 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 12 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 2 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 3 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 4 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 5 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 6 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 7 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 8 | Natas | Easy | Open |
| 🏴Natas Challenge - Level 9 | Natas | Easy | Open |
| 🏴Natas Challenge – Level 15 | Natas | Medium | Open |
| 🛡️ PicoCTF Lab Walkthrough – Forbidden Paths | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Image Metadata CTF | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Inspect HTML | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – picoBrowser | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Power Cookie | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Robots Sans | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Search Source | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Secrets | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – SSTI 1 | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Tab Tab Attack | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – WebDecode | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Where Are the Robots | PicoCTF | Easy | Open |
| 🛡️PicoCTF Lab Walkthrough – Caas | PicoCTF | Easy | Open |
| 🛡️ PicoCTF Lab Walkthrough – Client-side-again | PicoCTF | Medium | Open |
| 🛡️ PicoCTF Lab Walkthrough – Login | PicoCTF | Medium | Open |
| 🛡️ PicoCTF Lab Walkthrough – Most Cookies | PicoCTF | Medium | Open |
| 🛡️ PicoCTF Lab Walkthrough – Some Assembly Required 1 | PicoCTF | Medium | Open |
| 🛡️ PicoCTF Lab Walkthrough – SQL Direct | PicoCTF | Medium | Open |
| 🛡️ PicoCTF Lab Walkthrough – SQLiLite | PicoCTF | Medium | Open |
| PicoCTF Hard Challenge – Notepad Vulnerability Assessment and Penetration Testing (VAPT) Report | PicoCTF | Hard | Open |
| Vulnerability Assessment and Penetration Testing (VAPT) Report – OverlayFS Exploit Lab | TryHackMe | Easy | Open |
| 🟩Agent Sudo - Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Archangel – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Basic Pentesting Machine – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Bounty Hunter – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩BreakIt – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Bricks Heist – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩CyberHeroes – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Cyborg - TryHackMe(THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩DAV – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Flip It!! – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩GamingServer – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Ignite – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Lazy Admin – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩LianYu - Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Library – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Light – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Root Me - Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Simple CTF – Try Hack Me (THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩Tomcat Ghost – TryHackMe(THM) Walkthrough Report | TryHackMe | Easy | Open |
| 🟩VulnNet Internal – TryHackMe(THM) Walkthrough Report | TryHackMe | Easy | Open |
| Cybersecurity Report: Penetration Testing of Linux Agency CTF Environment | TryHackMe | Medium | Open |
| Year of the Rabbit – TryHackMe VAPT Walkthrough Report | TryHackMe | Medium | Open |
| 🟩Classic-passwd - Try Hack Me (THM) Walkthrough Report | TryHackMe | Medium | Open |
| 🟩Develpy - Try Hack Me (THM) Walkthrough Report | TryHackMe | Medium | Open |
| 🟩GoldenEye – Try Hack Me (THM) Walkthrough Report | TryHackMe | Medium | Open |
| 🟩HA Joker - Try Hack Me (THM) Walkthrough Report | TryHackMe | Medium | Open |
| 🟩RSA Breaker – Try Hack Me (THM) Walkthrough Report | TryHackMe | Medium | Open |
| 🟩Utech – Try Hack Me (THM) Walkthrough Report | TryHackMe | Medium | Open |
| 🟩Wonderland - Try Hack Me (THM) Walkthrough Report | TryHackMe | Medium | Open |
| Difficulty | Count |
|---|---|
| Easy | 50 |
| Medium | 18 |
| Hard | 3 |
| Total | 71 |
Reconnaissance: nmap, gobuster, dirb, enum4linux,nikto
Exploitation: FTP login, SQLi, command injection, SSRF, path traversal
Password Attacks: hydra, john
Post-Exploitation: Privilege escalation, sudo misconfigurations
Tools: nmap, ftp, hydra, ssh, sudo, tar, sqlmap, burpsuite
I actively solve CTF challenges from:
This repository is both my learning archive and portfolio. Each write-up is prepared with a focus on clarity so beginners can follow along.
- GitHub: https://github.com/Nish344
- LinkedIn: https://linkedin.com/in/nishanth-antony-b60110289