HTB Machines Infographic

Sep 7, 2020


So, we were thinking... Have we ever shown you around the HTB Machine content? Here it is, in numbers!

Hack The Box Machines Infographic: hands-on labs to master your hacking skills!

Share this:

From inception until today, how many Machines does the HTB platform host? Today, September 7th, 2020, we have 177 Machines, 20 Active (as always) and 157 Retired. The best part? We have one new release every single week. One new Machine gets released as Active and one gets retired (found under Retired Machines).

Let’s start with Operating Systems! A variety of any OS you can find in a real-life environment, simulating a hacking playground for you to practise and test your skills to the max.

  • - Windows: 31%
  • - Linux: 64%
  • - FreeBSD: 2%
  • - Other: 2% [Windows IoT, OpensBSD, Solaris]

What about Machine Difficulty? It scales from Easy to Insane in our effort to cover all skills levels and hacking tastes:

  • - Easy: 29%
    If you are a beginner or in the first years of your hacking journey start here and work your way up!
  • - Medium: 35%
    If you are experienced and you want to start pushing yourself towards new limits, go ahead and explore the Medium Machines.
  • - Hard: 20%
    Are you feeling ready to truly challenge yourself and see what you’ve got? Compete with the Omnis for a chance to pwn a Hard Machine and add some serious points to your HTB user profile.
  • - Insane: 16%
    Nothing ever was conquered without effort. Feeling like a pro and want to show off your skills? Solve an Insane Machine and may the pwn force be with you!

The list of Exploit Types is looong! Why? Because we try to add as much hacking content as possible, covering almost everything you may face in your hacking journey/career and real-life assessments. Some of them are more challenging, some are more easy to exploit, but all of them are useful and crucial in keeping your skills sharp and being on top of your hacking game. So, let’s speak with numbers:

  • - File Misconfiguration: 12%
  • - Injection: 10%
  • - SQLi: 8%
  • - Outdated Software: 8%
  • - CMS Exploit: 6%
  • - LFI: 6%
  • - Arbitrary File Upload: 5%
  • - SUID: 5%
  • - Password Reuse: 4%
  • - Cryptography: 4%
  • - Sandbox Escape: 4%
  • - Patch Management: 3%
  • - API Fuzzing: 3%
  • - Kerberoasting: 2%
  • - Account Misconfiguration: 2%
  • - XXE: 2%
  • - CSRF: 1%
  • - XSS: 1%
  • - DNS Zone Transfer: 1%
  • - Process Inspection: 1%
  • - DLL Hijack: 1%
  • - Port Knocking: 1%
  • - Deserialisation: 1%
  • - AppLocker Bypass: 1%

What kind of Exploit Languages will you use for your attacks while working on HTB Machines? The answer is almost everything!

  • - Python: 31%
  • - PHP: 19%
  • - SQL: 17%
  • - Powershell: 17%
  • - C: 7%
  • - Java: 4%
  • - Other: 5%

And the Attack Entry Point? Well what can we do, most machines start with a web exploit but that’s not limited there because after the entry point the attack paths vary!

  • - Web: 75%
  • - Binary Exploit: 15%
  • - Active Directory: 7%
  • - Network: 2%
  • - FTP: 1%

Ready to master the art of hacking?

Hack your way in or login and start hacking!

Hack The Box Team