The new Senior Web Penetration Tester job-role path is live! The course material focuses on hard-to-find vulnerabilities and provides solid experience in whitebox and blackbox techniques.

Considering the domains covered, this path is particularly suggested to anyone who completed (or is currently going through) the Bug Bounty Hunter job-role path, penetration testers, and developers or DevOps professionals who can practice secure coding and source code review concepts.

Get started with a Gold Annual subscription.

This new job-role path is our first advanced and specialized series of Modules, marked as Tier III. To provide a better experience to our students, the HTB Academy team has created a Gold Annual plan, which provides immediate access to the entire job-role path and other features (not available on a monthly plan, such as exam voucher or 1-1 tutoring). Consult the pricing page for more details.

Early bird discount - get 25% off now!

As per every job-role path, the Senior Web Penetration Tester will also lead to an upcoming industry certification. You have time until December 31st, 2023 (23.59 UTC) to get a 25% discount on the Gold Annual plan as an early bird customer — before the certification exam even comes out!

The new Senior Web Penetration Tester job-role path is live! An advanced learning path dedicated to professionals looking to obtain the necessary skills to identify hard-to-find vulnerabilities using both black-box and white-box techniques.

Suited for teams of penetration testers, developers, and DevOps with experience in secure coding and source code review, as well as those who have completed (or are currently going through) the Bug Bounty Hunter job-role path.

This in-depth set of learning Modules is equipped with various real-world exercises that cultivate a strong confidence in web vulnerabilities.

Access this job-role path with any Academy Pro or bundled subscriptions (excluding Lite subscription).

Don't have access to these course materials? Contact your dedicated Account Manager or explore more by clicking the button below.

It’s time for you to get the recognition you deserve within the Capture The Flag community! You can now create your CTF player profile within the HTB CTF platform and connect with other avid players and teams with similar skills and interests.

Take advantage of one of the largest communities of CTF players and even polish your page to attract cybersecurity employers within the HTB community.

Get started by setting up your profile’s avatar and profile details, begin showcasing your achievements, and see yourself rise through the ranks as you engage in more competitions!

It's time to combine your AWS, SOC, and DFIR skills to tackle this week’s two (2) new Sherlocks added to Dedicated Labs.

Start by tackling all security concerns arising from vulnerability reports of a misconfigured AWS S3 Bucket policy by practicing with the second Sherlock of its cloud series, Nubilum-2.

Then, use your forensic skills to analyze the successful compromise of a server hosting a vulnerable version of Apache ActiveMQ with Broker-D and successfully conquer this week’s new defensive additions to your lab.

Looking to apply a purple-minded approach to your learning and practice? Gain an attacker’s perspective by completing the Broke Machine first.

Don't have access to these scenarios? Contact your dedicated Account Manager or explore more by clicking the button below.

We are excited to announce an update to our collection of guided materials with official write-ups for all Crypto Challenges within Dedicated Labs.

Are you ready to tackle your next Crypto Challenge? These write-ups are your secret weapon, helping you get unstuck or guiding you through every crucial step to ace every scenario.

Admins can also enable write-ups alongside "Guided Mode" for an even more supported learning journey when needed.

Don’t have access to Dedicated Labs yet? Contact your account manager or explore more by clicking the button below.

Are you using HTB Enterprise Platform to improve, personalize, and calibrate your workforce development program?

Here’s an interesting read where we dive into 4 exclusive features on Enterprise Platform that can help you implement successful (and regular) skills assessment.

• Content search based on industry frameworks
• Flexible Lab management and assignment
• Admin activity and progress tracking
• Guided and exploratory options for practice

Take advantage of this guide to help you challenge your approach, align with your business goals, and create an upskilling culture within your team.
​

A new HTB Academy Module is here to help you refine your knowledge of deserialization vulnerabilities, specifically related to custom exploit development and whitebox testing.

Gain a thorough understanding of .NET deserialization and exploit development and learn to identify, exploit, and defend vulnerabilities.

Complete this Module by engaging in hands-on exercises that will assess your skills against a custom target vulnerable to attacks.

Don't have access to these course materials? Contact your dedicated Account Manager or explore more by clicking the button below.

Every day of the week, we will have your DFIR practice covered with five (5) new Sherlocks added to Dedicated Labs.

Put your Forensic skills to practice by investigating a variety of artifacts, logs, and alerts with RogueOne, SinksShips, and EinLaden.

Strengthen your Incident Response capabilities by jumping in DIlUsion and taking the role of a Level II Incident Responder by cleaning up the mess on your defaced website with Graffiti.

Develop your defensive capabilities through continuous practice with Sherlocks and build a stronger purple-minded team by utilizing a combination of vulnerable Machines, Challenges, and Sherlocks.

Don't have access to these scenarios? Contact your dedicated Account Manager or explore more by clicking the button below.

Properly constructing and formatting a detailed report can be a complex and time-consuming process. For this reason, we teamed up with the team at Syslifters to make the report creation process more accessible and more friendly, even for first-timers.

You can now write your HTB Academy certification report online or offline using templates created with SysReptor in a few simple steps.

SysReptor is a fully customizable security reporting solution designed to get your documentation started within minutes: create designs based on simple HTML and CSS, write your reports in user-friendly Markdown, and convert them to PDF with just a single click in the cloud or self-hosted.

Get ready to take your investigative skills to new heights within your Dedicated Labs environment. This new functionality gives you the ability to start investigating within your environment by directly accessing a Virtual Machine (VM) in a collection of Sherlocks.

No longer do you have to download any artifacts. Simply spawn a Machine and connect to your Pwnbox instance to complete your Sherlock scenarios.

Don't have access to these scenarios? Contact your dedicated Account Manager or explore more by clicking the button below.