There are many great reasons to
join Hack The Box
Browse rank-restricted job openings
Once you join, you are able to apply for security-related job openings. Most positions are rank-restricted however, so you must prove your ability on our active machines before being able to apply.
HTB Machine Lab
20 active and 110+ retired machines
A new machine as well as standalone challenges released on a weekly basis. Play our 20 most recent (active) machines and all active challenges for free. With VIP, you will have access to our massive retired machine pool as well as full walk-throughs.
RastaLabs is a virtual red team simulation environment, designed to be attacked as a means of learning and honing your engagement skills. The focus of the lab is operating within a Windows Active Directory environment where players must gain a foothold, elevate their privilege, be persistent and move laterally to reach the goal of Domain Admin. The lab features a combination of attacking misconfigurations and simulated users. Prior experience is not strictly required to beat the lab, but it will be a steep learning curve!
Offshore is an Active Directory lab which simulates the look and feel of a real-world corporate network. Users start from an external perspective and have to penetrate the “DMZ” and then move laterally through the CORP.LOCAL, DEV, ADMIN and CLIENT forests to complete the lab. It was designed to appeal to a wide variety of users, everyone from junior-level penetration testers to seasoned testers as well as infosec hobbyists. Players will pick up at least a few new tricks which can be immediately applied to real-world engagements.
Cybernetics is a Windows Active Directory lab environment that has gone through various real-world penetration testing engagements in the past and therefore incorporates fully-upgraded operating systems with all patches applied, which have also been greatly hardened against attacks. The objective of the lab is to operate within a Windows Active Directory environment where players must gain a foothold, elevate their privileges, gain persistence on the network and move laterally to reach the end goal of Domain Admin. Ready?
Dante is a modern, yet beginner-friendly Pro Lab that provides the opportunity to learn common penetration testing methodologies and tools. This Penetration Tester Level I lab teaches information gathering and situational awareness, privilege escalation, buffer overflows, helps you to gain familiarity with the Metasploit Framework, and much more! Upon breaching the perimeter, you are required to explore the network, moving laterally and vertically, until you gain administrative control over all hosts and reach domain admin.
APTLabs simulates a targeted attack by an external threat agent against an MSP (Managed Service Provider). The lab requires prerequisite knowledge of attacking Active Directory networks. APTLabs consists of fully patched servers, prevalent enterprise technologies, a simulated WAN network, and much more! Your goal is to compromise all client networks and reach Domain Admin wherever possible. On completion of this lab, you will be familiar with long-lasting TTPs, know how to abuse enterprise technology, and be a true google-ninja.