Intermedio - avanzado WEB - EWPTxV2 Roadmap
Este roadmap está inspirado al 100% en el HackingVault de s4vitar, diseñado para preparar la certificación eWPTX (Web Application Penetration Tester eXtreme). El enfoque es Web Extreme, cubriendo evasión de WAF, ataques a arquitecturas modernas, Prototype Pollution y deserialización avanzada.
Objetivo: Dominar la explotación web en entornos hostiles y filtrados.
Recurso: La propiedad intelectual y todas las resoluciones en video pertenecen al canal público de S4viSinFiltro.
🟢 FASE 1: RECONOCIMIENTO & INYECCIONES AVANZADAS
SEMANA 1: Reconocimiento & Fingerprinting
Enfoque: Descubrimiento de endpoints ocultos y tecnologías.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Backdoor | Hack The Box | Easy | Ver 🎥 | Wordpress / LFI | |
| Blunder | Hack The Box | Easy | Ver 🎥 | CMS Blunder | |
| Doctor | Hack The Box | Easy | Ver 🎥 | Splunk / SSTI | |
| Laboratory | Hack The Box | Easy | Ver 🎥 | GitLab | |
| Nocturnal | Hack The Box | Easy | Ver 🎥 |
SEMANA 2: Inyecciones Avanzadas
Enfoque: Second-order SQLi y Polyglot payloads.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| OpenSource | Hack The Box | Easy | Ver 🎥 | Gitea | |
| PC | Hack The Box | Easy | Ver 🎥 | SQLMap API | |
| Postman | Hack The Box | Easy | Ver 🎥 | Redis / Webmin | |
| RedPanda | Hack The Box | Easy | Ver 🎥 | SSTI Java | |
| Secret | Hack The Box | Easy | Ver 🎥 | JWT / API |
SEMANA 3: Explotación Client-Side I
Enfoque: Clickjacking y Postmessage XSS.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Sense | Hack The Box | Easy | Ver 🎥 | Pfsense | |
| Soccer | Hack The Box | Easy | Ver 🎥 | Websockets SQLi | |
| SteamCloud | Hack The Box | Easy | Ver 🎥 | Kubernetes | |
| Teacher | Hack The Box | Easy | Ver 🎥 | Moodle | |
| Trick | Hack The Box | Easy | Ver 🎥 | SQLi / DNS |
SEMANA 4: Explotación Client-Side II
Enfoque: Refuerzo de vectores de cliente.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Usage | Hack The Box | Easy | Ver 🎥 | SQLi / Cookie |
🟠 FASE 2: NIVEL INTERMEDIO
SEMANA 5: Prototype Pollution
Enfoque: Client & Server-side (JS Exploitation).
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Awkward | Hack The Box | Medium | Ver 🎥 | JWT / API | |
| BackendTwo | Hack The Box | Medium | Ver 🎥 | API | |
| Bart | Hack The Box | Medium | Ver 🎥 | PHP / Internal | |
| Blurry | Hack The Box | Medium | Ver 🎥 | ClearML (Pickle) | |
| Bolt | Hack The Box | Medium | Ver 🎥 | CMS Bolt |
SEMANA 6: Deserialización Avanzada
Enfoque: Gadget chains y Custom POP chains.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| BroScience | Hack The Box | Medium | Ver 🎥 | PHP Deserialization | |
| Catch | Hack The Box | Medium | Ver 🎥 | APK | |
| Celestial | Hack The Box | Medium | Ver 🎥 | Node Deserialization | |
| Cronos | Hack The Box | Medium | Ver 🎥 | DNS / SQLi | |
| Encoding | Hack The Box | Medium | Ver 🎥 | PHP Filters |
SEMANA 7: API Security Avanzada
Enfoque: GraphQL Nested Queries y Mass Assignment.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Epsilon | Hack The Box | Medium | Ver 🎥 | ||
| Europa | Hack The Box | Medium | Ver 🎥 | Regex | |
| Faculty | Hack The Box | Medium | Ver 🎥 | mPDF | |
| Flustered | Hack The Box | Medium | Ver 🎥 | Squid | |
| Format | Hack The Box | Medium | Ver 🎥 | Microblog |
SEMANA 8: OAuth 2.0 (Parte 1)
Enfoque: Implicit flow attacks y Code interception.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Health | Hack The Box | Medium | Ver 🎥 | Webhook | |
| IClean | Hack The Box | Medium | Ver 🎥 | XSS / SSTI | |
| Interface | Hack The Box | Medium | Ver 🎥 | DOMpdf | |
| Jupiter | Hack The Box | Medium | Ver 🎥 | Grafana / Postgres | |
| Monitored | Hack The Box | Medium | Ver 🎥 | Nagios |
SEMANA 9: OAuth 2.0 (Parte 2)
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| MonitorsThree | Hack The Box | Medium | Ver 🎥 | SQLi / Cacti | |
| Noter | Hack The Box | Medium | Ver 🎥 | Flask / JWT | |
| OnlyForYou | Hack The Box | Medium | Ver 🎥 | LFI / Neo4j | |
| Runner | Hack The Box | Medium | Ver 🎥 | TeamCity | |
| Schooled | Hack The Box | Medium | Ver 🎥 | Moodle |
SEMANA 10: OAuth 2.0 (Parte 3)
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Seal | Hack The Box | Medium | Ver 🎥 | Tomcat / GitBucket | |
| StreamIO | Hack The Box | Medium | Ver 🎥 | Firefox / Forensics | |
| Strutted | Hack The Box | Medium | Ver 🎥 | Struts | |
| Timing | Hack The Box | Medium | Ver 🎥 | PHP | |
| Trickster | Hack The Box | Medium | Ver 🎥 | PrestaShop |
SEMANA 11: OAuth 2.0 (Parte 4)
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Unicode | Hack The Box | Medium | Ver 🎥 | JWT Unicode | |
| UpDown | Hack The Box | Medium | Ver 🎥 | File Upload | |
| Worker | Hack The Box | Medium | Ver 🎥 | SVN / Azure | |
| Writer | Hack The Box | Medium | Ver 🎥 | SQLi / ImageMagic | |
| Zipping | Hack The Box | Medium | Ver 🎥 | Zip Slip |
🔴 FASE 3: NIVEL AVANZADO
SEMANA 12: Node.js Exploitation
Enfoque: Server-side prototype pollution.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| AdmirerToo | Hack The Box | Hard | Ver 🎥 | OpenCATS | |
| Altered | Hack The Box | Hard | Ver 🎥 | Code Igniter | |
| Analysis | Hack The Box | Hard | Ver 🎥 | LDAP | |
| Breadcrumbs | Hack The Box | Hard | Ver 🎥 | Windows |
SEMANA 13: SSRF Avanzado
Enfoque: Cloud metadata exploitation.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Carpediem | Hack The Box | Hard | Ver 🎥 | Docker | |
| EarlyAccess | Hack The Box | Hard | Ver 🎥 | PHP / Keygen | |
| Falafel | Hack The Box | Hard | Ver 🎥 | PHP / SQLi | |
| Feline | Hack The Box | Hard | Ver 🎥 | Tomcat |
SEMANA 14: HTTP/2 Attacks
Enfoque: H2C smuggling y Stream abuse.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Flujab | Hack The Box | Hard | Ver 🎥 | ||
| Freelancer | Hack The Box | Hard | Ver 🎥 | SQLi / MSSQL | |
| Hancliffe | Hack The Box | Hard | Ver 🎥 | Unity / SSRF | |
| Holiday | Hack The Box | Hard | Ver 🎥 | Node / SQLi |
SEMANA 15: Auth Bypass & SAML (Parte 1)
Enfoque: Bypass de MFA y ataques SAML.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Joker | Hack The Box | Hard | Ver 🎥 | Squid | |
| Kotarak | Hack The Box | Hard | Ver 🎥 | Tomcat | |
| Moderators | Hack The Box | Hard | Ver 🎥 | Wordpress | |
| Monitors | Hack The Box | Hard | Ver 🎥 | Wordpress |
SEMANA 16: Auth Bypass & SAML (Parte 2)
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Oouch | Hack The Box | Hard | Ver 🎥 | DBus / OAuth | |
| Overflow | Hack The Box | Hard | Ver 🎥 | Padding Oracle | |
| Overgraph | Hack The Box | Hard | Ver 🎥 | ||
| Oz | Hack The Box | Hard | Ver 🎥 | Docker / Port Knocking |
SEMANA 17: Auth Bypass & SAML (Parte 3)
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Pressed | Hack The Box | Hard | Ver 🎥 | Wordpress | |
| Quick | Hack The Box | Hard | Ver 🎥 | HTTP/2 / ESI | |
| Tentacle | Hack The Box | Hard | Ver 🎥 | Squid / Kerberos | |
| Travel | Hack The Box | Hard | Ver 🎥 | SSRF / Gopher |
SEMANA 18: Auth Bypass & SAML (Parte 4)
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Unbalanced | Hack The Box | Hard | Ver 🎥 | Rsync / Encfs | |
| Unobtainium | Hack The Box | Hard | Ver 🎥 | Kubernetes | |
| Yummy | Hack The Box | Hard | Ver 🎥 | MVC | |
| Anubis | Hack The Box | Insane | Ver 🎥 | Container Breakout |
SEMANA 19: Insane Challenges I
Enfoque: Máquinas Insane.
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Bankrobber | Hack The Box | Insane | Ver 🎥 | XSS / SQLi | |
| Bookworm | Hack The Box | Hard | Ver 🎥 | ||
| CTF | Hack The Box | Insane | Ver 🎥 | LDAP | |
| Crossfit | Hack The Box | Insane | Ver 🎥 | XSS / FTP |
SEMANA 20: Insane Challenges II
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Fighter | Hack The Box | Hard | Ver 🎥 | ||
| Fortune | Hack The Box | Insane | Ver 🎥 | OpenBSD | |
| Fulcrum | Hack The Box | Hard | Ver 🎥 | Redis | |
| Hackback | Hack The Box | Insane | Ver 🎥 | XML / JSON |
SEMANA 21: Insane Challenges III
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| MagicGardens | Hack The Box | Insane | Ver 🎥 | Django / SSTI | |
| Minion | Hack The Box | Insane | Ver 🎥 | ASP / SQLi | |
| Mischief | Hack The Box | Hard | Ver 🎥 | IPv6 / SNMP | |
| MultiMaster | Hack The Box | Hard | Ver 🎥 | AD / MSSQL |
SEMANA 22: Recta Final
| Estado | Máquina | Plataforma | Dificultad | Resolución | Notas |
|---|---|---|---|---|---|
| Sink | Hack The Box | Insane | Ver 🎥 | HTTP Headers | |
| Stacked | Hack The Box | Insane | Ver 🎥 | XSS / LocalStack | |
| Toby | Hack The Box | Medium | Ver 🎥 | Docker / Jenkins |