We're excited to announce the release of our first defensive scenario in the Operation Shield Wall series!

We've received intelligence suggesting a possible breach in the Velorian Ministry of Defense's public Wi-Fi network. This is especially concerning because government officials, including ministers, rely on this network with their own BYoD (Bring Your Own Device) setups.

Your mission? Analyze the provided packet capture to determine how and when this breach occurred.

Engaging with OpShieldWall-1, you'll:

• Identify a Wi-Fi compromise.
• Assess the risks of inadequate network segmentation.
• Investigate traffic between devices on the compromised network.
• Understand the TLP Amber protocol for discreet investigation.

Good luck, and happy hunting!

What's all the FUZZ about? 😨

A new HTB Academy module is here! Dive into the powerful testing technique and learn how to use it to spot critical issues in software.

A new module is here to help you master Active Directory trust attacks!

• Understand enumerating and attacking intra-forest and cross-forest
• Learn how to explain hardening considerations to customers for risk mitigation

This new feature generates unique flags for each team with every docker deployment, improving our platform's anti-cheating measures.

This way we can ensure a level playing field for all participants in HTB CTF Events 🎉

PS: Flag rotation is applicable only to selected challenges, not all.

We’re thrilled to introduce Operation Shield Wall, a series of five (5) exclusive Sherlocks & two (2) Machines within HTB Dedicated Labs, focused on a cyber incident affecting the National Digital Infrastructure of Veloria.

We will be releasing a new scenario each week, from May 3 to June 14, to ensure you’re always one step ahead of emerging threats and prepare you for real-time breach and crisis simulation, incident analysis, and tactic response.

Upon completion of all seven (7) scenarios, you’ll receive a collectible coin as a symbol of your commitment to cybersecurity readiness.

Learn more about Operation Shield Wall in our recent blog post 👇

Are you ready to uncover clues and examine suspicious applications to enhance your DFIR skills?

Check out our newest Sherlock addition to Dedicated Labs — Jingle Bell — and get the chance to:

• Explore insider threat scenarios and learn key techniques for uncovering hidden data leaks.
• Analyze digital footprints to piece together the story behind the incident.
• Develop a strategic approach to incident response and forensic analysis.

Have you ever wondered how to uncover hidden bugs and security vulnerabilities lurking in your code?

Our latest Module on Binary Fuzzing will take you on an exciting journey through the history, theory, and practical applications of this powerful software testing technique.

Learn how to test your applications with unexpected and malformed inputs to reveal critical issues that might otherwise go unnoticed. Don't let hidden vulnerabilities compromise your software's security!

Baxdoorz is an beginner-friendly Linux Machine that will show you how attackers can leverage a backdoor in xz-utils (CVE-2024-3094) to execute arbitrary commands on an infected Machine running the sshd daemon.

By completing this exclusive Machine, you will:

• Understand how this backdoor vulnerability works and why it poses a serious risk to Linux systems.
• Learn how attackers can exploit this vulnerability to execute harmful commands.

We're revamping our tutoring system! Say goodbye to Discord tutoring and hello to Academy Solutions – a step-by-step guide for every module question directly on our platform.

This is only available for Gold & Silver Annual Subscribers.

Why using Academy Solutions? It will help you overcome learning blockers and conquer complex concepts with ease. Upgrade to annual now and accelerate your cybersecurity journey!

Have you noticed our new certificate design for Professional Labs and Cloud Labs?

After extensive research and feedback from major professional associations and training organizations like ISACA, we've crafted a certificate that ticks all the boxes. Now, you can earn CPEs from any organization you belong to, simply by submitting your certificates of completion.

Here's what our new certification design includes ↓

• CPE credits: Get rewarded for your hard work with CPE credits.
• Length in hours: Easily track the duration of your learning journey.
• Subject areas covered: Know exactly what topics you've mastered.
• Location: Show off your achievements no matter where you are!

Get ready to showcase your expertise and level up your professional development like never before!