Googling around the web for a CTF (Capture The Flag) project to try my fledgling hacking skills on I found https://maze.pentest-challenge.co.uk/ the easiest one marked "novice" for something called Securi-Tay 2017. Hopefully their definition of "novice" is similar to mine. I call it a "walkthrough" but it's not a guide intended to follow, more of a diary of what I did right and wrong. On booting the CTF virtual machine, it tells us which IP address to target. In my case it's 192.168.3.99. An nmap scan shows only port 80 running Apache/2.4.10 (Debian). Browsing to the provided IP, we  Continue Reading