Tier 2: Unified - HackTheBox Starting Point - Full Walkthrough

Learn the basics of Penetration Testing: Video walkthrough for the "Unified" machine from tier two of the ‪@HackTheBox‬ "Starting Point" track; "don't forget to contemplate". We'll be exploring the basics of enumeration, service discovery, Log4J vulnerability (CVE-2021-44228) aka Log4Shell in UniFi, MongoDB injection, hashcracking, privilege escalation and more! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTB #CTF #Pentesting #OffSec #CVE-2021-44228 Sign up for HackTheBox: https://htb-signup.cryptocat.me ↢HackTheBox↣ https://htb-signup.cryptocat.me   / hackthebox_eu     / discord   👷‍♂️Resources🛠 https://cryptocat.me/resources ↢Chapters↣ Start: 0:00 NMap scan: 0:35 Explore UniFi web server: 1:35 Investigate Log4J vulnerability: 4:31 Test JNDI:LDAP payload: 6:54 Reverse shell (Log4Shell): 11:38 Catch up on questions: 12:39 Enumerate MongoDB instance: 13:39 Try to crack password hash: 15:28 Inject user into database: 18:18 Login to UniFi admin panel: 19:20 Recover SSH credentials: 20:40 Buggy Admin UI - refer to walkthrough: 22:56 Submit user/root flag: 24:10 End: 24:51

Join Today
Tier 2: Included - HackTheBox Starting Point - Full Walkthrough
▶︎

Tier 2: Included - HackTheBox Starting Point - Full Walkthrough

Tier 2: Markup - HackTheBox Starting Point - Full Walkthrough
▶︎

Tier 2: Markup - HackTheBox Starting Point - Full Walkthrough

NestJS Full Course for Beginners in 2026 | Build a Production-Ready API
▶︎

NestJS Full Course for Beginners in 2026 | Build a Production-Ready API

Tier 2: Archetype - HackTheBox Starting Point - Full Walkthrough
▶︎

Tier 2: Archetype - HackTheBox Starting Point - Full Walkthrough

researcher accidentally finds 0-day affecting his entire internet service provider
▶︎

researcher accidentally finds 0-day affecting his entire internet service provider

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup
▶︎

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

CAN I WIN A GAME OF BATTLEGROUNDS?! [HackTheBox - Server Siege]
▶︎

CAN I WIN A GAME OF BATTLEGROUNDS?! [HackTheBox - Server Siege]

Designing Data-Intensive Applications: Chapters 1 and 2
▶︎

Designing Data-Intensive Applications: Chapters 1 and 2

HackTheBox Walkthrough (full) - Oopsie // Starting Point
▶︎

HackTheBox Walkthrough (full) - Oopsie // Starting Point

Flipper Zero vs "Proper" Hacking Tools
▶︎

Flipper Zero vs "Proper" Hacking Tools

HackTheBox - Overflow
▶︎

HackTheBox - Overflow

API security in DVWA (low/medium/high)
▶︎

API security in DVWA (low/medium/high)

HackTheBox - Interface
▶︎

HackTheBox - Interface

Tier 2: Oopsie - HackTheBox Starting Point - Full Walkthrough
▶︎

Tier 2: Oopsie - HackTheBox Starting Point - Full Walkthrough

System Design Course – APIs, Databases, Caching, CDNs, Load Balancing & Production Infra
▶︎

System Design Course – APIs, Databases, Caching, CDNs, Load Balancing & Production Infra

HackTheBox Walkthrough - Unified
▶︎

HackTheBox Walkthrough - Unified

CTF Walkthrough with John Hammond
▶︎

CTF Walkthrough with John Hammond

Tier 2: Base - HackTheBox Starting Point - Full Walkthrough
▶︎

Tier 2: Base - HackTheBox Starting Point - Full Walkthrough

HackTheBox - Secret
▶︎

HackTheBox - Secret

Tier 0: HackTheBox Starting Point - 5 Machines - Full Walkthrough (for beginners)
▶︎

Tier 0: HackTheBox Starting Point - 5 Machines - Full Walkthrough (for beginners)