All latest news and releases on Hack The Box platforms.
New release
Product update

New Academy Module: Intro to C2 Operations with Sliver.

jack avatar
Shared by jack • May 28, 2024

Equip yourself with the knowledge to protect and understand the intricacies of Active Directory attacks with Intro to C2 Operations with Sliver.

Active Directory is a cornerstone in over 90% of corporate environments, making it a prime target for attacks.

What you'll learn:

  • Initial foothold tactics: Discover how attackers gain their first access within a corporate environment.
  • Compromising the Forest: Learn how to escalate from initial access to full forest compromise using Sliver C2 and other powerful open-source tools.
New release
Product update

Prepare for full-scale CTF events with CTF Try Out!

jack avatar
Shared by jack • May 28, 2024

Looking to sharpen your cybersecurity skills?

CTF Try Out is a free, open, and ongoing CTF event where you can create a team and tackle challenges on the HTB CTF platform.

This is the perfect opportunity to familiarize yourself with the platform and gain valuable experience before participating in a full-scale CTF event.

Why join CTF Try Out?

  • Team building: Create a team with colleagues to solve challenges collaboratively.
  • Learn by doing: Get hands-on experience with real CTF challenges in a fun and competitive environment.
  • Prepare for future events: Get onboarded on the platform and hit the ground running when the next CTF event comes around.
New release
Product update

🛡️ Operation Shield Wall: Unveiling the fourth defensive scenario!

jack avatar
Shared by jack • May 24, 2024

Intelligence from a partner nation indicates that a group known as Red Badger may be targeting the Velorian Government.

Jump into the fourth installment of the OpShieldWall series, to safeguard the nation's most vital assets across both on-premises and cloud-based networks.

Your mission is to thoroughly sweep the network infrastructure to identify any potential compromises and report findings.

Don’t forget, users who complete all Sherlocks by July 26th will receive an exclusively crafted coin.

Good luck, and happy hunting!

Improvement
New release

Use the NIST | NICE Framework to assign Labs and measure team performance.

HTB avatar
Shared by HTB • May 21, 2024

Ready to take your team's performance to the next level?

Explore our ever-growing library of Academy Modules mapped to the NIST | NICE Framework.

With this new content categorization feature, you can easily assign targeted content based on your team's objectives and technique practice. Simply search for Modules aligned with the NIST | NICE Framework using any keyword, the specific code or name of a NICE skill, task, knowledge or work role.

You can now use the NIST | NICE Framework to measure team performance via the Reporting page to conduct workforce assessments, identify gaps, and pave the way for strategic workforce development initiatives.

Dive into HTB Academy for Business today and discover the possibilities waiting in your lab.

New release
Product update

Level up your DFIR skills with our new Sherlock.

HTB avatar
Shared by HTB • May 21, 2024

Ultimatum, our new defensive scenario awaits your investigative prowess in Dedicated Labs.

Forela’s WordPress server, home to the exclusive Forela Social Club blog, has fallen victim to notorious attackers and our SOC team suspects that a vulnerable plugin on the blog might be the gateway for these miscreants.

Step into the shoes of a DFIR Analyst and embark on a thrilling journey to unmask the culprits behind this attack.

Product update
New release

New Academy Module for mastering Windows Active Directory environments.

HTB avatar
Shared by HTB • May 21, 2024

Join our new Academy Module - DACL Attacks II - to master advanced Discretionary Access Control Lists techniques and strategies in Windows Active Directory environments.

Learn to detect and mitigate DACL-based attacks, and develop both offensive and defensive skills in safeguarding and compromising Active Directory networks.

Enrol now and elevate your cybersecurity knowledge and expertise!

New release
Product update
Exclusive

Tackle real-world scenarios with new exclusive Machines.

HTB avatar
Shared by HTB • May 21, 2024

We’re thrilled to release two (2) exclusive Machines that will challenge and expand your knowledge in Enumeration, Windows, and EDR.

Away

Away is an easy difficulty Windows Machine that will put your skills to the test. With an anonymous-access enabled backup SMB share, your goal is to obtain the SAM and SYSTEM files and crack user hashes. Gain a foothold on the RDP service by reusing one of the cracked passwords, and exploiting a known vulnerability in Oracle VM VirtualBox (CVE-2024-21111) to obtain administrator privileges.

Detector

Dive into the world of Endpoint Detection and Response (EDR) with Detector, a hard level Windows Machine designed to showcase advanced techniques in EDR bypass. Your mission is to obtain administrative access using Indirect Syscalls.

New release
Product update

🛡️ Operation Shield Wall: Unveiling the third scenario!

HTB avatar
Shared by HTB • May 17, 2024

Get ready for OpShieldWall-3, the latest offensive scenario in our cybersecurity initiative to boost Veloria's defenses!

Backed by the Velorian government and GASC, this new scenario is shifting focus to offensive operations to enhance Veloria’s cybersecurity strategy.

Your mission is to compromise the Ravenskian government's command and control infrastructure, gathering vital threat intelligence for national security.

Engaging with OpShieldWall-3, you'll:

  • Get hands-on experience in offensive operations.
  • Learn to breach and compromise C2 servers.
  • Understand the threat landscape.
  • Conduct strategic threat analysis.
New release
Product update

Explore the new Bug Bounty Hunting Essentials CTF event pack.

HTB avatar
Shared by HTB • May 14, 2024

Built for junior cybersecurity professionals, the specialized Bug Bounty Hunting - Essentials CTF event pack is designed to sharpen your team's skills in exploiting known CVEs, directory fuzzing, and XSS vulnerabilities.

This pack features a curated list of ten (10) new Challenges, from very easy to easy, perfect for assessing junior roles like Web Application Penetration Testers and Engineers. Organize your next CTF to enhance your team’s competencies in:

  • Web Application Security fundamentals.
  • Identifying and exploiting common vulnerabilities.
  • Bug Bounty Hunting techniques.

This pack seamlessly integrates with the Academy Bug Bounty Hunter job-role path, covering 75% of the recommended module material. Make the most of this dual offering to elevate your team's performance for today’s cybersecurity threats.

New release
Product update

🛡️ Operation Shield Wall: Unveiling the second defensive scenario!

HTB avatar
Shared by HTB • May 10, 2024

Meet OpShieldWall-2, our second defensive scenario released in the Operation Shield Wall series!

The Velorian Federal Police raided a suspected agent's home, and during the search, they uncovered a critical piece of evidence: a burner phone hidden in a concealed location.

Your mission is to conduct a detailed forensic analysis of this mobile device. The suspect's house contained evidence suggesting they were near the Government site that was compromised. It's up to you to uncover the connections and report back with your findings.

Engaging with OpShieldWall-2, you'll:

  • Gain hands-on experience in mobile forensics.
  • Learn techniques for identifying hidden data and extracting key evidence.
  • Understand the role of burner phones in covert operations.
  • Develop skills in analyzing evidence to build a case and enhance your cyber understanding and performance.

Good luck, and happy hunting!