Get ready for OpShieldWall-3, the latest offensive scenario in our cybersecurity initiative to boost Veloria's defenses!

Backed by the Velorian government and GASC, this new scenario is shifting focus to offensive operations to enhance Veloria’s cybersecurity strategy.

Your mission is to compromise the Ravenskian government's command and control infrastructure, gathering vital threat intelligence for national security.

Engaging with OpShieldWall-3, you'll:

• Get hands-on experience in offensive operations.
• Learn to breach and compromise C2 servers.
• Understand the threat landscape.
• Conduct strategic threat analysis.

Built for junior cybersecurity professionals, the specialized Bug Bounty Hunting - Essentials CTF event pack is designed to sharpen your team's skills in exploiting known CVEs, directory fuzzing, and XSS vulnerabilities.

This pack features a curated list of ten (10) new Challenges, from very easy to easy, perfect for assessing junior roles like Web Application Penetration Testers and Engineers. Organize your next CTF to enhance your team’s competencies in:

• Web Application Security fundamentals.
• Identifying and exploiting common vulnerabilities.
• Bug Bounty Hunting techniques.

This pack seamlessly integrates with the Academy Bug Bounty Hunter job-role path, covering 75% of the recommended module material. Make the most of this dual offering to elevate your team's performance for today’s cybersecurity threats.

Meet OpShieldWall-2, our second defensive scenario released in the Operation Shield Wall series!

The Velorian Federal Police raided a suspected agent's home, and during the search, they uncovered a critical piece of evidence: a burner phone hidden in a concealed location.

Your mission is to conduct a detailed forensic analysis of this mobile device. The suspect's house contained evidence suggesting they were near the Government site that was compromised. It's up to you to uncover the connections and report back with your findings.

Engaging with OpShieldWall-2, you'll:

• Gain hands-on experience in mobile forensics.
• Learn techniques for identifying hidden data and extracting key evidence.
• Understand the role of burner phones in covert operations.
• Develop skills in analyzing evidence to build a case and enhance your cyber understanding and performance.

Good luck, and happy hunting!

Ready to jump into our newest Academy Module for evading antivirus solutions?

By completing the Module “Introduction to Windows Evasion Techniques”, you will:

• Understand Windows Defender antivirus mechanisms.
• Identify and apply common evasion techniques.
• Analyze the impact of evasion.

CTF Academy Recommendations offer helpful guidance before, during, and after a CTF event to boost learning and performance, bridge the gap between HTB Academy and CTF content, and reinforce knowledge through a blend of both practical and theoretical training.

👇 Check out how to access the customized recommendations that are tailored to the Challenges you have selected.

P.S. This feature is only available to CTF Administrators and Hosts.

Do you find it challenging to manage diverse skill levels within your cybersecurity team?

We‘re excited to introduce Dedicated Labs Spaces — a new feature designed to customize training to support the expertise of each team member while enabling organizations to stay ahead of current and emerging threats. This release streamlines your team’s efforts in critical business operations such as onboarding new talent, hiring, and more, thereby enhancing overall efficiency and cyber performance across various business goals.

Dedicated Labs Spaces create structured subsets within the HTB Enterprise Platform, allowing you to organize team members and content (Machines, Challenges, and Sherlocks) efficiently. Whether you’re supporting beginners or guiding experienced professionals, Spaces help you deliver the right learning experience.

If you want to learn more about what Spaces can boost your team’s performance, head over to our latest blog post by clicking on the button below👇

We’ve updated the Academy Module for Attacking Authentication Mechanisms, which is part of the Senior Web Penetration Tester Job Role Path.

Expand your knowledge in:

• Web Applications authentication.
• Identifying common authentication mechanisms such as JWT, OAuth, and SAML.
• Vulnerabilities resulting from improper use of standardized access controls.

Flag Rotation for Challenges is a new feature that generates unique flags for each team upon each docker deployment.

This new release adds an extra layer of anti-cheating measures, ensuring everyone gets a fair and competitive playing field on the CTF platform.

Note: Flag rotation is only applicable to selective challenges.

We're excited to announce the release of our first defensive scenario in the Operation Shield Wall series!

We've received intelligence suggesting a possible breach in the Velorian Ministry of Defense's public Wi-Fi network. This is especially concerning because government officials, including ministers, rely on this network with their own BYoD (Bring Your Own Device) setups.

Your mission? Analyze the provided packet capture to determine how and when this breach occurred.

Engaging with OpShieldWall-1, you'll:

• Identify a Wi-Fi compromise.
• Assess the risks of inadequate network segmentation.
• Investigate traffic between devices on the compromised network.
• Understand the TLP Amber protocol for discreet investigation.

Good luck, and happy hunting!

What's all the FUZZ about? 😨

A new HTB Academy module is here! Dive into the powerful testing technique and learn how to use it to spot critical issues in software.