Tier 2: Markup - HackTheBox Starting Point - Full Walkthrough

Learn the basics of Penetration Testing: Video walkthrough for the "Markup" machine from tier two of the ‪@HackTheBox‬ "Starting Point" track; "don't forget to contemplate". We'll be exploring the basics of enumeration, service discovery, Masscan/NMap, brute-forcing login credentials (ffuf), XXE, post-exploitation (uncovering plaintext credentials, winpeas), privilege escalation (permission issues) and more! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTB #CTF #Pentesting #OffSec Sign up for HackTheBox: https://htb-signup.cryptocat.me ↢HackTheBox↣ https://htb-signup.cryptocat.me   / hackthebox_eu     / discord   👷‍♂️Resources🛠 https://cryptocat.me/resources ↢Chapters↣ Start: 0:00 Masscan/NMap: 0:24 Brute force login (ffuf): 4:31 Explore HTTP site: 8:48 Research XXE: 10:32 Test payloads: 14:32 Fuzz LFI wordlist (Burp Intruder): 15:55 Recover private SSH key: 20:00 Enumerate filesystem: 21:48 Run winPEAS.exe: 23:11 Investigate PrivEsc: 29:40 Overwrite scheduled BAT script: 31:45 Submit root flag: 36:00 End: 36:51

Join Today
Tier 2: Base - HackTheBox Starting Point - Full Walkthrough
▶︎

Tier 2: Base - HackTheBox Starting Point - Full Walkthrough

Hack The Box Starting Point – Markup walk-through
▶︎

Hack The Box Starting Point – Markup walk-through

Linux Full Course for Beginners | Learn Linux System Administration
▶︎

Linux Full Course for Beginners | Learn Linux System Administration

Attacking AI - Jason Haddix - NDC Security 2026
▶︎

Attacking AI - Jason Haddix - NDC Security 2026

This Nerdy Teen Wouldn't Stop Hacking Companies
▶︎

This Nerdy Teen Wouldn't Stop Hacking Companies

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

Real-Time WebSockets Course | Build a Live Sports Dashboard with Node.js & PostgreSQL
▶︎

Real-Time WebSockets Course | Build a Live Sports Dashboard with Node.js & PostgreSQL

Day 1 - HTB Cyber Santa CTF: HackTheBox Capture The Flag 2021 (beginner friendly)
▶︎

Day 1 - HTB Cyber Santa CTF: HackTheBox Capture The Flag 2021 (beginner friendly)

Hack The Box Starting Point – Unified walk-through
▶︎

Hack The Box Starting Point – Unified walk-through

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup
▶︎

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

HackTheBox Walkthrough - Vaccine
▶︎

HackTheBox Walkthrough - Vaccine

SUMMER DEEP HOUSE Musics Mix 2026 ♫ Bruno Mars, Lady Gaga,Dua Lipa, Adele,Ed Sheeran, The Weeknd #02
▶︎

SUMMER DEEP HOUSE Musics Mix 2026 ♫ Bruno Mars, Lady Gaga,Dua Lipa, Adele,Ed Sheeran, The Weeknd #02

CLAUDE CODE ADVANCED FULL COURSE (3 HOURS)
▶︎

CLAUDE CODE ADVANCED FULL COURSE (3 HOURS)

API security in DVWA (low/medium/high)
▶︎

API security in DVWA (low/medium/high)

Avicii, Dua Lipa, Coldplay, Martin Garrix & Kygo, The Chainsmokers Style - Summer Vibes #21
▶︎

Avicii, Dua Lipa, Coldplay, Martin Garrix & Kygo, The Chainsmokers Style - Summer Vibes #21

I Tried The HackTheBox Certified Pentester Exam
▶︎

I Tried The HackTheBox Certified Pentester Exam

I Made an Antivirus That Secretly Attacks Scammers
▶︎

I Made an Antivirus That Secretly Attacks Scammers

Hacking Bank from Hackthebox | HTB Bank Walkthrough | Ethical Hacking
▶︎

Hacking Bank from Hackthebox | HTB Bank Walkthrough | Ethical Hacking

HackThebox - Boardlight
▶︎

HackThebox - Boardlight