Skip to content

kushanbhagya/Hackers-Lab

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

6 Commits
ย 
ย 
ย 
ย 

Repository files navigation

โ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—    โ–ˆโ–ˆโ•—      โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—
โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•    โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—
โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ• โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—    โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•
โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•”โ•โ•โ•  โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ•šโ•โ•โ•โ•โ–ˆโ–ˆโ•‘    โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—
โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•‘    โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•
โ•šโ•โ•  โ•šโ•โ•โ•šโ•โ•  โ•šโ•โ• โ•šโ•โ•โ•โ•โ•โ•โ•šโ•โ•  โ•šโ•โ•โ•šโ•โ•โ•โ•โ•โ•โ•โ•šโ•โ•  โ•šโ•โ•โ•šโ•โ•โ•โ•โ•โ•โ•    โ•šโ•โ•โ•โ•โ•โ•โ•โ•šโ•โ•  โ•šโ•โ•โ•šโ•โ•โ•โ•โ•โ•

โš”๏ธ Offensive Security ยท Ethical Hacking ยท Real-World Attack Simulations


Last Updated Labs Status License Platform


"To defend a system, you must first understand how to break it."


> whoami

This repository documents my hands-on journey through offensive security, practicing real-world attack techniques, exploitation methods, and system compromise simulations in a controlled lab environment.

Each lab is a battle fought, a skill earned.


> cat objectives.txt

[*] Understand how real-world cyber attacks are executed
[*] Gain hands-on exploitation experience across multiple vectors
[*] Learn attacker methodologies: initial access โ†’ escalation โ†’ persistence
[*] Build a professional cybersecurity portfolio through practical work
[*] Bridge the gap between theory and real-world security scenarios

> ls skills/

Domain Techniques
๐ŸŒ Network Exploitation Port scanning, service enumeration, banner grabbing
๐Ÿ’‰ Web Application Attacks SQLi, XSS, file upload abuse, directory brute-force
๐Ÿš Reverse Shells & Access Netcat shells, TTY upgrades, web shells
๐Ÿ”บ Privilege Escalation Sudo misconfigs, SUID binaries, cron job abuse
๐Ÿ” Enumeration LinPEAS, manual recon, service fingerprinting
๐Ÿ”‘ Password Attacks Hash cracking with John the Ripper & Hashcat
๐Ÿ‘ฃ Persistence Backdoors, startup manipulation
๐ŸŽฏ Red Team Methodology Full attack chain simulation

> nmap --tools

Kali Linux Nmap Burp Suite Metasploit Netcat Hashcat John Gobuster DVWA


> tree lab-structure/

lab-xx-topic/
โ”‚
โ”œโ”€โ”€ ๐Ÿ“„ README.md          โ† Objective, Setup, Attack Steps, Results
โ”œโ”€โ”€ ๐Ÿ“ screenshots/       โ† Visual proof of exploitation
โ””โ”€โ”€ ๐Ÿ“ notes.md           โ† Additional findings & references

Each lab contains:

  • Objective โ€” What we're exploiting and why
  • Setup โ€” Environment configuration
  • Attack Steps โ€” Step-by-step execution
  • Explanation โ€” How and why the attack works
  • Results โ€” Outcome and evidence
  • Key Learnings โ€” Takeaways and defense insights

> cat roadmap.md

๐Ÿ”ฐ Phase 1 โ€” Initial Access & Exploitation

# Lab Status
01 ๐Ÿš Reverse Shell (Netcat) โœ… Completed
02 ๐Ÿ’‰ Web Exploitation โ€“ SQL Injection โณ Pending
03 ๐ŸŽญ Cross-Site Scripting (XSS) โณ Pending
04 ๐Ÿ“‚ Directory Bruteforce (Gobuster) โณ Pending

โš”๏ธ Phase 2 โ€” Advanced Access Techniques

# Lab Status
05 ๐Ÿ“ค File Upload Vulnerabilities โณ Pending
06 ๐ŸŒ Web Shell Injection โณ Pending
07 ๐Ÿ”ง Reverse Shell Upgrade (TTY Shell) โณ Pending
08 ๐Ÿ”‘ Password Cracking (John / Hashcat) โณ Pending

๐Ÿ”ฅ Phase 3 โ€” Privilege Escalation

# Lab Status
09 ๐Ÿ” Linux Enumeration (linPEAS) โณ Pending
10 โš™๏ธ Sudo Misconfiguration Exploitation โณ Pending
11 ๐Ÿ” SUID Binary Exploitation โณ Pending
12 โฐ Cron Job Exploitation โณ Pending

๐Ÿš€ Phase 4 โ€” Post-Exploitation & Real Scenarios

# Lab Status
13 ๐Ÿ”— Full Attack Chain (Web โ†’ Shell โ†’ Root) โณ Pending
14 ๐Ÿ‘ฃ Persistence Techniques โณ Pending
15 ๐Ÿ’ฅ Metasploit Exploitation โณ Pending
16 ๐ŸŽฎ Multi-Step Attack Simulation โณ Pending

๐Ÿ›ก๏ธ Extension โ€” Blue Team Integration (Optional)

[+] Detecting attacks using system logs
[+] Monitoring suspicious network activity
[+] Basic incident response practices

> cat progress.log

Total Labs Planned   : 16
Labs Completed       : 1
Labs In Progress     : 0
Completion           : [โ–ˆโ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘โ–‘] 6%

Progress bar updates as labs are completed. Follow to stay notified.


> cat disclaimer.txt

โ•”โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•—
โ•‘  โš ๏ธ  EDUCATIONAL USE ONLY                                 โ•‘
โ•‘                                                           โ•‘
โ•‘  All techniques in this repository are performed          โ•‘
โ•‘  exclusively in controlled, isolated lab environments.    โ•‘
โ•‘                                                           โ•‘
โ•‘  Unauthorized use of these techniques against systems     โ•‘
โ•‘  without explicit permission is ILLEGAL.                  โ•‘
โ•‘                                                           โ•‘
โ•‘  The author holds no responsibility for misuse.           โ•‘
โ•šโ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•

> whoami --author

Kushan Bhagya

Cybersecurity Enthusiast | Ethical Hacking Learner

GitHub LinkedIn


Building skills. Breaking things. Doing it ethically.


[โ˜… Star this repo if you find it useful]

About

A hands-on ethical hacking lab series focused on real-world offensive security techniques, including exploitation, privilege escalation, and attack simulation. This project documents my journey to becoming a cybersecurity professional through practical labs and detailed analysis.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors