> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Remote Code Execution (RCE)

> Cross-platform resources for Remote Code Execution (RCE): curated HTB machines, PortSwigger labs and TryHackMe rooms with validated writeups and related skills.

# Remote Code Execution (RCE)

This page aggregates **cross-platform resources to practice Remote Code Execution (RCE)**: retired Hack The Box machines, PortSwigger Web Security Academy labs and TryHackMe rooms, plus curated resources (HackTricks, PortSwigger, etc.) and related skills.

## Curated resources

| Source     | Link                                                                                                                                           |
| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------- |
| HackTricks | [https://book.hacktricks.wiki/en/pentesting-web/command-injection.html](https://book.hacktricks.wiki/en/pentesting-web/command-injection.html) |

## HTB machines practicing Remote Code Execution (RCE) (104)

| Machine                                                       | OS      | Difficulty                                           |
| ------------------------------------------------------------- | ------- | ---------------------------------------------------- |
| [AdmirerToo](/en/htb/machines/linux/dificil/admirertoo)       | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Altered](/en/htb/machines/linux/dificil/altered)             | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Anubis](/en/htb/machines/windows/insano/anubis)              | Windows | <span className="dbadge dbadge-insane">INSANE</span> |
| [Apocalyst](/en/htb/machines/linux/medio/apocalyst)           | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Atom](/en/htb/machines/windows/medio/atom)                   | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Backdoor](/en/htb/machines/linux/facil/backdoor)             | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Backend](/en/htb/machines/linux/medio/backend)               | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [BackendTwo](/en/htb/machines/linux/medio/backendtwo)         | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Bank](/en/htb/machines/linux/facil/bank)                     | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Bankrobber](/en/htb/machines/windows/insano/bankrobber)      | Windows | <span className="dbadge dbadge-insane">INSANE</span> |
| [Bart](/en/htb/machines/windows/medio/bart)                   | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Bastard](/en/htb/machines/windows/medio/bastard)             | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Beep](/en/htb/machines/linux/facil/beep)                     | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Blackfield](/en/htb/machines/windows/dificil/blackfield)     | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [Buff](/en/htb/machines/windows/facil/buff)                   | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Cache](/en/htb/machines/linux/medio/cache)                   | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Catch](/en/htb/machines/linux/medio/catch)                   | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Celestial](/en/htb/machines/linux/medio/celestial)           | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Chaos](/en/htb/machines/linux/medio/chaos)                   | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Conceal](/en/htb/machines/windows/dificil/conceal)           | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [Control](/en/htb/machines/windows/dificil/control)           | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [CrimeStoppers](/en/htb/machines/linux/dificil/crimestoppers) | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [CrossFit](/en/htb/machines/linux/insano/crossfit)            | Linux   | <span className="dbadge dbadge-insane">INSANE</span> |
| [CTF](/en/htb/machines/linux/insano/ctf)                      | Linux   | <span className="dbadge dbadge-insane">INSANE</span> |
| [Curling](/en/htb/machines/windows/facil/curling)             | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Dab](/en/htb/machines/linux/dificil/dab)                     | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Devzat](/en/htb/machines/linux/medio/devzat)                 | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Doctor](/en/htb/machines/linux/facil/doctor)                 | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Ellingson](/en/htb/machines/linux/dificil/ellingson)         | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Epsilon](/en/htb/machines/linux/medio/epsilon)               | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Europa](/en/htb/machines/linux/medio/europa)                 | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Feline](/en/htb/machines/linux/dificil/feline)               | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Fighter](/en/htb/machines/windows/insano/fighter)            | Windows | <span className="dbadge dbadge-insane">INSANE</span> |
| [Flujab](/en/htb/machines/linux/dificil/flujab)               | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Flustered](/en/htb/machines/linux/medio/flustered)           | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Frolic](/en/htb/machines/linux/facil/frolic)                 | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Fulcrum](/en/htb/machines/linux/insano/fulcrum)              | Linux   | <span className="dbadge dbadge-insane">INSANE</span> |
| [Grandpa](/en/htb/machines/windows/facil/grandpa)             | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Granny](/en/htb/machines/windows/facil/granny)               | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Hackback](/en/htb/machines/windows/insano/hackback)          | Windows | <span className="dbadge dbadge-insane">INSANE</span> |
| [Hancliffe](/en/htb/machines/windows/dificil/hancliffe)       | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [Hawk](/en/htb/machines/linux/medio/hawk)                     | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Helpline](/en/htb/machines/windows/dificil/helpline)         | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [Holiday](/en/htb/machines/linux/dificil/holiday)             | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Intelligence](/en/htb/machines/windows/medio/intelligence)   | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Jewel](/en/htb/machines/linux/medio/jewel)                   | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Joker](/en/htb/machines/linux/dificil/joker)                 | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Json](/en/htb/machines/windows/medio/json)                   | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Knife](/en/htb/machines/linux/facil/knife)                   | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Laboratory](/en/htb/machines/linux/facil/laboratory)         | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Meta](/en/htb/machines/linux/medio/meta)                     | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Monitors](/en/htb/machines/linux/dificil/monitors)           | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Monteverde](/en/htb/machines/windows/medio/monteverde)       | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [MultiMaster](/en/htb/machines/windows/insano/multimaster)    | Windows | <span className="dbadge dbadge-insane">INSANE</span> |
| [Netmon](/en/htb/machines/windows/facil/netmon)               | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Nibbles](/en/htb/machines/linux/facil/nibbles)               | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Nightmare](/en/htb/machines/linux/insano/nightmare)          | Linux   | <span className="dbadge dbadge-insane">INSANE</span> |
| [Nineveh](/en/htb/machines/linux/medio/nineveh)               | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Noter](/en/htb/machines/linux/medio/noter)                   | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Object](/en/htb/machines/windows/dificil/object)             | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [Obscurity](/en/htb/machines/linux/medio/obscurity)           | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Oouch](/en/htb/machines/linux/dificil/oouch)                 | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [OpenSource](/en/htb/machines/linux/facil/opensource)         | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Optimum](/en/htb/machines/windows/facil/optimum)             | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Overflow](/en/htb/machines/linux/dificil/overflow)           | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [OverGraph](/en/htb/machines/linux/dificil/overgraph)         | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Oz](/en/htb/machines/linux/dificil/oz)                       | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Pandora](/en/htb/machines/linux/facil/pandora)               | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Pit](/en/htb/machines/linux/medio/pit)                       | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Player](/en/htb/machines/linux/dificil/player)               | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Poison](/en/htb/machines/linux/medio/poison)                 | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Quick](/en/htb/machines/linux/dificil/quick)                 | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [RE](/en/htb/machines/windows/dificil/re)                     | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [RedCross](/en/htb/machines/linux/medio/redcross)             | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Reel](/en/htb/machines/windows/dificil/reel)                 | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [Reel2](/en/htb/machines/windows/dificil/reel2)               | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [Remote](/en/htb/machines/windows/facil/remote)               | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [RouterSpace](/en/htb/machines/linux/facil/routerspace)       | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Schooled](/en/htb/machines/linux/medio/schooled)             | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Scrambled](/en/htb/machines/windows/medio/scrambled)         | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [ScriptKiddie](/en/htb/machines/linux/facil/scriptkiddie)     | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Seal](/en/htb/machines/linux/medio/seal)                     | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Sense](/en/htb/machines/linux/facil/sense)                   | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Shibboleth](/en/htb/machines/linux/medio/shibboleth)         | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Sniper](/en/htb/machines/windows/medio/sniper)               | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Stacked](/en/htb/machines/linux/insano/stacked)              | Linux   | <span className="dbadge dbadge-insane">INSANE</span> |
| [Static](/en/htb/machines/linux/dificil/static)               | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [StreamIO](/en/htb/machines/windows/medio/streamio)           | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [SwagShop](/en/htb/machines/linux/facil/swagshop)             | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Talkative](/en/htb/machines/linux/dificil/talkative)         | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Tally](/en/htb/machines/windows/dificil/tally)               | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [TartarSauce](/en/htb/machines/linux/medio/tartarsauce)       | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Teacher](/en/htb/machines/linux/facil/teacher)               | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Time](/en/htb/machines/linux/medio/time)                     | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Toolbox](/en/htb/machines/windows/facil/toolbox)             | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Travel](/en/htb/machines/linux/dificil/travel)               | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Unbalanced](/en/htb/machines/linux/dificil/unbalanced)       | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Undetected](/en/htb/machines/linux/medio/undetected)         | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Union](/en/htb/machines/linux/medio/union)                   | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Unobtainium](/en/htb/machines/linux/dificil/unobtainium)     | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Validation](/en/htb/machines/linux/facil/validation)         | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |
| [Wall](/en/htb/machines/linux/medio/wall)                     | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Worker](/en/htb/machines/windows/medio/worker)               | Windows | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Zetta](/en/htb/machines/linux/dificil/zetta)                 | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |

## PortSwigger labs practicing Remote Code Execution (RCE) (15)

| Lab                                                                                                                                                                                  | Difficulty                                                 | Topic                          | Official                                                                                                                                      |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------- | ------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------- |
| [2FA bypass using a brute-force attack](/en/portswigger/labs/authentication/multi-factor-2fa-bypass-using-a-brute-force-attack)                                                      | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Authentication Vulnerabilities | [Open](https://portswigger.net/web-security/authentication/multi-factor/lab-2fa-bypass-using-a-brute-force-attack)                            |
| [Broken brute-force protection, multiple credentials per request](/en/portswigger/labs/authentication/password-based-broken-brute-force-protection-multiple-credentials-per-request) | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Authentication Vulnerabilities | [Open](https://portswigger.net/web-security/authentication/password-based/lab-broken-brute-force-protection-multiple-credentials-per-request) |
| [DOM XSS in document.write sink using source location.search](/en/portswigger/labs/cross-site-scripting/dom-based-document-write-sink)                                               | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Cross-Site Scripting (XSS)     | [Open](https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink)                                           |
| [DOM XSS in innerHTML sink using source location.search](/en/portswigger/labs/cross-site-scripting/dom-based-innerhtml-sink)                                                         | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Cross-Site Scripting (XSS)     | [Open](https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-innerhtml-sink)                                                |
| [DOM XSS in jQuery anchor href attribute sink using location.search source](/en/portswigger/labs/cross-site-scripting/dom-based-jquery-href-attribute-sink)                          | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Cross-Site Scripting (XSS)     | [Open](https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-jquery-href-attribute-sink)                                    |
| [Flawed enforcement of business rules](/en/portswigger/labs/logic-flaws/examples-logic-flaws-flawed-enforcement-of-business-rules)                                                   | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Business Logic Vulnerabilities | [Open](https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-flawed-enforcement-of-business-rules)                        |
| [Remote code execution via web shell upload](/en/portswigger/labs/file-upload/file-upload-remote-code-execution-via-web-shell-upload)                                                | <span className="dbadge dbadge-easy">APPRENTICE</span>     | File Upload Vulnerabilities    | [Open](https://portswigger.net/web-security/file-upload/lab-file-upload-remote-code-execution-via-web-shell-upload)                           |
| [Source code disclosure via backup files](/en/portswigger/labs/information-disclosure/exploiting-infoleak-via-backup-files)                                                          | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Information Disclosure         | [Open](https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-via-backup-files)                                  |
| [Broken brute-force protection, IP block](/en/portswigger/labs/authentication/password-based-broken-bruteforce-protection-ip-block)                                                  | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Open](https://portswigger.net/web-security/authentication/password-based/lab-broken-bruteforce-protection-ip-block)                          |
| [Bypassing GraphQL brute force protections](/en/portswigger/labs/graphql/graphql-brute-force-protection-bypass)                                                                      | <span className="dbadge dbadge-medium">PRACTITIONER</span> | GraphQL                        | [Open](https://portswigger.net/web-security/graphql/lab-graphql-brute-force-protection-bypass)                                                |
| [DOM XSS in document.write sink using source location.search inside a select element](/en/portswigger/labs/cross-site-scripting/dom-based-document-write-sink-inside-select-element) | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Cross-Site Scripting (XSS)     | [Open](https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink-inside-select-element)                     |
| [Forced OAuth profile linking](/en/portswigger/labs/oauth/oauth-forced-oauth-profile-linking)                                                                                        | <span className="dbadge dbadge-medium">PRACTITIONER</span> | OAuth Authentication           | [Open](https://portswigger.net/web-security/oauth/lab-oauth-forced-oauth-profile-linking)                                                     |
| [Password brute-force via password change](/en/portswigger/labs/authentication/other-mechanisms-password-brute-force-via-password-change)                                            | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Open](https://portswigger.net/web-security/authentication/other-mechanisms/lab-password-brute-force-via-password-change)                     |
| [Remote code execution via polyglot web shell upload](/en/portswigger/labs/file-upload/file-upload-remote-code-execution-via-polyglot-web-shell-upload)                              | <span className="dbadge dbadge-medium">PRACTITIONER</span> | File Upload Vulnerabilities    | [Open](https://portswigger.net/web-security/file-upload/lab-file-upload-remote-code-execution-via-polyglot-web-shell-upload)                  |
| [Remote code execution via server-side prototype pollution](/en/portswigger/labs/prototype-pollution/server-side-remote-code-execution-via-server-side-prototype-pollution)          | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Prototype Pollution            | [Open](https://portswigger.net/web-security/prototype-pollution/server-side/lab-remote-code-execution-via-server-side-prototype-pollution)    |

## TryHackMe rooms practicing Remote Code Execution (RCE) (103)

| Room                                                                         | Difficulty                                       | Type        | Access  | Official                                                      |
| ---------------------------------------------------------------------------- | ------------------------------------------------ | ----------- | ------- | ------------------------------------------------------------- |
| [History of Malware](/en/tryhackme/rooms/historyofmalware)                   | <span className="dbadge dbadge-easy">INFO</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/historyofmalware)           |
| [OverlayFS - CVE-2021-3493](/en/tryhackme/rooms/overlayfs)                   | <span className="dbadge dbadge-easy">INFO</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/overlayfs)                  |
| [25 Days of Cyber Security](/en/tryhackme/rooms/learncyberin25days)          | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/learncyberin25days)         |
| [Advent of Cyber 1 \[2019\]](/en/tryhackme/rooms/25daysofchristmas)          | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/25daysofchristmas)          |
| [Advent of Cyber 2 \[2020\]](/en/tryhackme/rooms/adventofcyber2)             | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/adventofcyber2)             |
| [Advent of Cyber 2022](/en/tryhackme/rooms/adventofcyber4)                   | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/adventofcyber4)             |
| [Advent of Cyber 2023](/en/tryhackme/rooms/adventofcyber2023)                | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/adventofcyber2023)          |
| [Advent of Cyber 2024](/en/tryhackme/rooms/adventofcyber2024)                | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/adventofcyber2024)          |
| [Advent of Cyber 3 (2021)](/en/tryhackme/rooms/adventofcyber3)               | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/adventofcyber3)             |
| [Anonforce](/en/tryhackme/rooms/bsidesgtanonforce)                           | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/bsidesgtanonforce)          |
| [Atlassian CVE-2022-26134](/en/tryhackme/rooms/cve202226134)                 | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/cve202226134)               |
| [AWS Basic Concepts](/en/tryhackme/rooms/awsbasicconcepts)                   | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/awsbasicconcepts)           |
| [Badbyte](/en/tryhackme/rooms/badbyte)                                       | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/badbyte)                    |
| [Basic Pentesting](/en/tryhackme/rooms/basicpentestingjt)                    | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/basicpentestingjt)          |
| [Bolt](/en/tryhackme/rooms/bolt)                                             | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/bolt)                       |
| [Broken Access Control](/en/tryhackme/rooms/owaspbrokenaccesscontrol)        | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/owaspbrokenaccesscontrol)   |
| [Cloud Security Pitfalls](/en/tryhackme/rooms/cloudsecuritypitfalls)         | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/cloudsecuritypitfalls)      |
| [Common Attacks](/en/tryhackme/rooms/commonattacks)                          | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/commonattacks)              |
| [Cyborg](/en/tryhackme/rooms/cyborgt8)                                       | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/cyborgt8)                   |
| [Enumeration & Brute Force](/en/tryhackme/rooms/enumerationbruteforce)       | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/enumerationbruteforce)      |
| [Exploit Vulnerabilities](/en/tryhackme/rooms/exploitingavulnerabilityv2)    | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🔵 VIP  | [Open](https://tryhackme.com/room/exploitingavulnerabilityv2) |
| [Fowsniff CTF](/en/tryhackme/rooms/ctf)                                      | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/ctf)                        |
| [Google Dorking](/en/tryhackme/rooms/googledorking)                          | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/googledorking)              |
| [h4cked](/en/tryhackme/rooms/h4cked)                                         | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/h4cked)                     |
| [How Websites Work](/en/tryhackme/rooms/howwebsiteswork)                     | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/howwebsiteswork)            |
| [Hydra](/en/tryhackme/rooms/hydra)                                           | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/hydra)                      |
| [Ice](/en/tryhackme/rooms/ice)                                               | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/ice)                        |
| [Intro PoC Scripting](/en/tryhackme/rooms/intropocscripting)                 | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/intropocscripting)          |
| [Intro to Logs](/en/tryhackme/rooms/introtologs)                             | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/introtologs)                |
| [Intro to SSRF](/en/tryhackme/rooms/ssrfqi)                                  | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🔵 VIP  | [Open](https://tryhackme.com/room/ssrfqi)                     |
| [Introduction to CryptOps](/en/tryhackme/rooms/introductiontocryptops)       | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/introductiontocryptops)     |
| [Introduction to OWASP ZAP](/en/tryhackme/rooms/learnowaspzap)               | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/learnowaspzap)              |
| [JPGChat](/en/tryhackme/rooms/jpgchat)                                       | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/jpgchat)                    |
| [Jupyter 101](/en/tryhackme/rooms/jupyter101)                                | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/jupyter101)                 |
| [kiba](/en/tryhackme/rooms/kiba)                                             | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/kiba)                       |
| [Learn Rust](/en/tryhackme/rooms/rust)                                       | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/rust)                       |
| [Linux Logging for SOC](/en/tryhackme/rooms/linuxloggingforsoc)              | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/linuxloggingforsoc)         |
| [Linux Strength Training](/en/tryhackme/rooms/linuxstrengthtraining)         | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/linuxstrengthtraining)      |
| [MS Sentinel: Deploy](/en/tryhackme/rooms/sentineldeploy)                    | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🔵 VIP  | [Open](https://tryhackme.com/room/sentineldeploy)             |
| [MS Sentinel: Detect](/en/tryhackme/rooms/sentineldetect)                    | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🔵 VIP  | [Open](https://tryhackme.com/room/sentineldetect)             |
| [MS Sentinel: Ingest Data](/en/tryhackme/rooms/sentinelingestdata)           | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🔵 VIP  | [Open](https://tryhackme.com/room/sentinelingestdata)         |
| [MS Sentinel: Just Looking](/en/tryhackme/rooms/justlooking)                 | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🔵 VIP  | [Open](https://tryhackme.com/room/justlooking)                |
| [Network Security Essentials](/en/tryhackme/rooms/networksecurityessentials) | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/networksecurityessentials)  |
| [OhSINT](/en/tryhackme/rooms/ohsint)                                         | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/ohsint)                     |
| [Overpass](/en/tryhackme/rooms/overpass)                                     | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Open](https://tryhackme.com/room/overpass)                   |
| [OWASP Juice Shop](/en/tryhackme/rooms/owaspjuiceshop)                       | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/owaspjuiceshop)             |
| [OWASP Mutillidae II](/en/tryhackme/rooms/owaspmutillidae)                   | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/owaspmutillidae)            |
| [OWASP Top 10 2025: IAAA Failures](/en/tryhackme/rooms/owasptopten2025one)   | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/owasptopten2025one)         |
| [Pentesting Fundamentals](/en/tryhackme/rooms/pentestingfundamentals)        | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/pentestingfundamentals)     |
| [Phishing Analysis Fundamentals](/en/tryhackme/rooms/phishingemails1tryoe)   | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Open](https://tryhackme.com/room/phishingemails1tryoe)       |

*Showing 50 of 103. The [full catalog](/en/tryhackme/all) has the rest.*

## Related skills

* [/en/skills/lfi](/en/skills/lfi)
* [/en/skills/rfi](/en/skills/rfi)
* [/en/skills/shellshock](/en/skills/shellshock)

***

← [Back to the full glossary](/en/glossary)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"Remote Code Execution (RCE)","termCode":"rce","inLanguage":"en","url":"https://rootea.es/en/skills/rce","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Tactical pentesting glossary","url":"https://rootea.es/en/glossary"}}`}
</script>

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"ItemList","name":"HTB machines practicing Remote Code Execution (RCE)","numberOfItems":104,"itemListElement":[{"@type":"ListItem","position":1,"url":"https://rootea.es/en/htb/machines/linux/dificil/admirertoo","name":"AdmirerToo"},{"@type":"ListItem","position":2,"url":"https://rootea.es/en/htb/machines/linux/dificil/altered","name":"Altered"},{"@type":"ListItem","position":3,"url":"https://rootea.es/en/htb/machines/windows/insano/anubis","name":"Anubis"},{"@type":"ListItem","position":4,"url":"https://rootea.es/en/htb/machines/linux/medio/apocalyst","name":"Apocalyst"},{"@type":"ListItem","position":5,"url":"https://rootea.es/en/htb/machines/windows/medio/atom","name":"Atom"},{"@type":"ListItem","position":6,"url":"https://rootea.es/en/htb/machines/linux/facil/backdoor","name":"Backdoor"},{"@type":"ListItem","position":7,"url":"https://rootea.es/en/htb/machines/linux/medio/backend","name":"Backend"},{"@type":"ListItem","position":8,"url":"https://rootea.es/en/htb/machines/linux/medio/backendtwo","name":"BackendTwo"},{"@type":"ListItem","position":9,"url":"https://rootea.es/en/htb/machines/linux/facil/bank","name":"Bank"},{"@type":"ListItem","position":10,"url":"https://rootea.es/en/htb/machines/windows/insano/bankrobber","name":"Bankrobber"},{"@type":"ListItem","position":11,"url":"https://rootea.es/en/htb/machines/windows/medio/bart","name":"Bart"},{"@type":"ListItem","position":12,"url":"https://rootea.es/en/htb/machines/windows/medio/bastard","name":"Bastard"},{"@type":"ListItem","position":13,"url":"https://rootea.es/en/htb/machines/linux/facil/beep","name":"Beep"},{"@type":"ListItem","position":14,"url":"https://rootea.es/en/htb/machines/windows/dificil/blackfield","name":"Blackfield"},{"@type":"ListItem","position":15,"url":"https://rootea.es/en/htb/machines/windows/facil/buff","name":"Buff"},{"@type":"ListItem","position":16,"url":"https://rootea.es/en/htb/machines/linux/medio/cache","name":"Cache"},{"@type":"ListItem","position":17,"url":"https://rootea.es/en/htb/machines/linux/medio/catch","name":"Catch"},{"@type":"ListItem","position":18,"url":"https://rootea.es/en/htb/machines/linux/medio/celestial","name":"Celestial"},{"@type":"ListItem","position":19,"url":"https://rootea.es/en/htb/machines/linux/medio/chaos","name":"Chaos"},{"@type":"ListItem","position":20,"url":"https://rootea.es/en/htb/machines/windows/dificil/conceal","name":"Conceal"},{"@type":"ListItem","position":21,"url":"https://rootea.es/en/htb/machines/windows/dificil/control","name":"Control"},{"@type":"ListItem","position":22,"url":"https://rootea.es/en/htb/machines/linux/dificil/crimestoppers","name":"CrimeStoppers"},{"@type":"ListItem","position":23,"url":"https://rootea.es/en/htb/machines/linux/insano/crossfit","name":"CrossFit"},{"@type":"ListItem","position":24,"url":"https://rootea.es/en/htb/machines/linux/insano/ctf","name":"CTF"},{"@type":"ListItem","position":25,"url":"https://rootea.es/en/htb/machines/windows/facil/curling","name":"Curling"}]}`}
</script>

*Last updated: 2026-05-09*
