Nmap Scan nmap --privileged -sVC -v3 -oA output cap.htb Running a comprehensive Nmap scan (-sVC for service/version detection and default scripts) revealed three open ports: Port 21 (FTP): vsftpd 3.0.3 Port 22 (SSH): OpenSSH 8.2p1 (Ubuntu) Port 80 (HTTP): running behind Gunicorn with a Security Dashboard web app. PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 8.2p1 (Ubuntu) 80/tcp open http Gunicorn (Security Dashboard) With the HTTP service exposed, I proceeded to explore the web application.