This guide outlines practical steps and best practices to assist you in setting up and running assessments on the Hack The Box platform.
Create Assessment Spaces
You can create separate spaces for your candidates in Dedicated Labs specifically for external assessments (ie, “RoleX Assessment”), and add the content items of your choice, tailored to the role or skill level you want to assess.
Add Content
While any content category can be selected, Machines are most commonly used for assessments, and specifically Enterprise Exclusive ones (you can filter by “Exclusive Machines” while managing the Space). Exclusive content is not available on the Community side, thus accessible by fewer users. This reduces the chance that candidates have already explored the scenario or accessed community hints and tips.
You can also add your own custom content, but before that, you need to upload it to the Enterprise Platform by following the steps in this article.
Custom content allows you to:
Build scenarios tailored exactly to your organisation’s workflows, technologies, and threat models.
Assess skills that cannot be evaluated through public or existing materials (e.g., internal tooling, niche technologies, role-specific tasks).
Ensure a 100% fresh and unknown environment for all candidates, fully eliminating the risk of prior exposure, shared write-ups, or community discussion.
Recreate real incidents or job-specific challenges that reflect what candidates will face in your environment.
Maintain full control over difficulty, scope, and assessment objectives.
By combining Exclusive Machines with your own custom content, you can create highly controlled, realistic, and reliable assessments that better reflect your hiring standards and required skill levels.
Configure Space Settings
You can adjust Settings to:
Disable the space Leaderboard, so candidates don’t see each other’s progress.
Disable the help options under Content Settings (Information, Write-ups, Guided mode), or activate Mask Mode, which hides all assistance, including the real machine name, creating a black-box challenging environment.
Activate the Private Lab option, so your team that's not assigned to the space cannot view the assessment area.
Invite Candidates
You can invite your candidates directly from the Dedicated Labs Main space, using the Guest role, which grants one-time, limited access to the platform, and set an Expiration date to match the assessment period. After that, you can add them to the respective assessment spaces.
Please note the following:
By default, any user having access to Dedicated Labs can also see the Main space, so to avoid sharing unnecessary content with candidates, we recommend keeping the Main space free of content.
Guest users cannot view any space they're not assigned to (even if the space is public with the Private Lab setting turned off), and they also don't have access by default to the main Leaderboard section at the left. This restricts visibility to the rest of the organisation.
Once the assigned period ends, the seat will be revoked and Guest users will no longer have access to the space, but they will still be able to access the platform (Dashboard, My Profile, and Explore pages), unless you fully remove the users from Manage > Users.
Once a Guest user is fully removed, they cannot be re-invited with the same email address, so please make sure to keep their user active until the assessment process is fully complete.
It’s also a good practice to include a short disclaimer in your communication with candidates before providing access to Hack The Box, stating that they should complete the assignment without external help and should not publish any part of the solution externally.
Assessment Process
You can follow candidates’ progress live, asking them to share the Spectator Link with you after launching their Pwnbox, before starting their pen-testing activities.
As part of the assessment process, candidates can submit a Pen-Testing report according to your own requirements. This can also give you a view of their documentation and reporting skills, while follow-up questions during the interview can help validate independent problem-solving and provide deeper insight into their approach.