Sharpen your skills in Web Application exploits with the two (2) exclusive Machines released in April 2024.
Flipper
Explore and exploit two significant vulnerabilities with this Windows Machine: a remote command execution vulnerability in pgAdmin (CVE-2024-3116) and a double-free vulnerability in the nf_tables subsystem of the Linux kernel (CVE-2024-1086). Gain practical experience in exploiting recently disclosed vulnerabilities and understanding the steps involved in a cross-platform attack.
Better
This Linux Machine allows you to understand HTTP Parameter Pollution, identify and exploit SQL Injection vulnerability, recognize Password Reuse Risks, and leverage classic sudo permissions for Privilege Escalation.
Combine theory and hands-on practice to become proficient in attacking and mitigating Active Directory Trust Attacks.
This new Module gives you the essential knowledge and skills to:
Yesterday we launched our latest Professional Lab scenario Alchemy, an industry-realistic scenario for mastering ICS security and defending against ransomware attacks!
Alchemy will challenge your skills and familiarity with:
Alchemy is available as part of the Professional Labs scenarios, click here to read more.
Talent Search has new updates designed to make job applications smoother and more targeted for both company admins and job seekers.
Here’s what you’ll see:
👇 Check out the walkthrough on how to create a new job listing below.
We’ve harnessed feedback from our 2.7 million community of cybersecurity professionals, and we’re excited to share the new Hack The Box updates released during Q1 2024:
Are you looking for a way to organize and run successful Capture The Flag (CTF) events?
Look no further! Our new Enhanced Event Management features simplify the setup and coordination of CTF events, leading to a gamified experience that your team will love.
Follow our best practices to boost team collaboration, benchmark capabilities, or identify eventual knowledge gaps.
👇 Read more about this release or watch our video walkthrough of the new features.
A new HTB Season is almost here!
Join more than 10,000+ aspiring hackers and climb the leaderboard. You only need to complete 2 Machines to receive awesome rewards: discount on subscriptions, swag, and more...
Prepare to face dangerous, unique, and otherworldly anomalies as you compete for a spot at the top of the leaderboard. Find out more about Season 5 on our blog! 👇
Now, Capture The Flag players at HTB have the power to showcase their Challenge status, keeping the entire team in the loop throughout the event.
Whether you have not started a challenge, are in progress, or need assistance, simply indicate it on the platform!
This way, you and your team can coordinate seamlessly and stay laser-focused on the competition. Never took part to a CTF event with HTB? Now it's your time 👇
Ever wanted to try your hand at Sherlock's but didn't know where to start? Here are some good news for you!
We've just launched 3 very easy Sherlocks at HTB Labs that are perfectly suited for all cybersecurity beginners.
Give Brutus, BFT, and Uni42 a try and start improving your threat detection and testing your DFIR skills now.
Exciting news! You can now seamlessly sync your progress between HTB Academy and HTB Enterprise Platform using a unified HTB Account — connecting all your profiles under one umbrella.
Here's what this new enablement brings to the table:
For guidance on syncing your progress, please refer to our Help Center article by clicking the button below👇