Hello, I am looking for HTB boxes where you can privesc through misconfigurations, and without any kernel exploit.
Does anyone have such a list, or recommendation ?
Pretty much all of the current live machines meet that criteria
For the linux boxes I do agree, but is it true for windows boxes too ? I often struggle to find misconfigurations leading to privesc, and every writeups are full of kernel exploits and/or MSF.
I have done 90% of the current windows machines and have never used a kernel exploit or metasploit. Maybe you have a different definition of kernel exploit…
Ok, I have to try harder then 
Thanks !
VbScrub will make videos about active directory
you can also find documentation here (thanks minatotw):https://blog.harmj0y.net/