A step-by-step guide to the Metasploit Framework
Follow this Metasploit Framework tutorial for a comprehensive overview of module types, targets, payloads, and much more!
HTB Blog > Red Teaming
Introducing new realistic enterprise-level attack scenarios (and how to become a Red Team Operator!)
Pro Labs is a cornerstone for red team skills development. Utilized by both new professionals who’ve graduated to full-time employees and businesses who are building their security teams.
Exploring the Snowflake Breach (Attack Anatomy)
We dissect the Snowflake Breach through the lens of the MITRE ATT&CK framework.
Cybersecurity's dark secrets: 3 confessions from industry experts
From gnawing imposter syndrome to communication challenges with execs, cyber pros at DEF CON anonymously shared their “unfiltered truths” about working in the industry. Can you relate?
When "Easy" isn't easy: How to build skills for hacking success
The truth about completing content to build real-world hacking & cybersecurity skills, even “Easy” ones
4 website hacking techniques (try these on your next pentest)
Four beginner-friendly website hacking techniques to try on your next pentest (with live “follow-along” examples)!
You’re now part of an inside job! Season 6 brings you into the world of heists
Your third rift has brought you some sense of normalcy. But don’t get too comfy, there’s work to be done.
Unveil the secrets of AI/ML attacks to conquer Hack The Box’s new Challenge category
The adoption of AI and ML is steadily growing. See how this addition to our Challenge category aims to test users looking to exploit this turn-of-the-century-tech!
Dissecting Cuttlefish Malware (Attack Anatomy)
We explore the key capabilities of this Cuttlefish Malware through the lens of the MITRE ATT&CK framework.
5 common web attacks: How to exploit and defend against them
Web applications are always online, which makes these five common web attacks very dangerous to companies. Learn how to exploit and defend against them today!
Nmap cheatsheet: every command you need in 2024
Use our Nmap cheatsheet for essential commands including host discovery, network and port scanning, and firewall evasion.
10-point secure code review checklist for developers
How dev teams can integrate secure code reviews that are realistic, sustainable, and respect development lifecycles.
HTB’s 15 must-know Nmap commands in 2024
Discover the most essential commands for scanning, host discovery, and evasion using Nmap.
Vulnerability assessments vs. penetration testing
Penetration tests are a detailed hands-on exploration of an organization’s weaknesses while vulnerability assessments quickly identify risks without going deeper. Here’s why you need both.
8 Powerful Kerberos attacks (that analysts hate)
Discover the most common Kerberos attacks that every red teamer should know (and analysts fear), and learn how to execute them with real-world examples.
An (aspiring hacker’s) web application penetration testing guide for 2024
Our 2024 guide on web application penetration testing is perfect for beginners. Learn to identify vulnerabilities, exploit weaknesses, and report findings ethically.
All the latest news and insights about cybersecurity from Hack The Box. Hacking trends, insights, interviews, stories, and much more