The Hack The Box platform provides a wealth of challenges - in the form of virtual machines - simulating real-world security issues and vulnerabilities that are constantly provided and updated by the community. Some of them simulate real-world scenarios, and some lean more toward a CTF-style of approach.
Hack The Box innovates by constantly providing fresh and curated hacking challenges in a fully gamified, immersive, and intuitive environment. The platform brings together security researchers, pentesters, infosec professionals, academia, and students, making it the social network for ethical hackers and infosec enthusiasts, counting more than 500k members and growing dynamically.
HTB Labs Content
Machines
Machines are instances of vulnerable virtual machines. These are virtualized services, virtualized operating systems, and virtualized hardware that all run on our servers. Machines can be Easy, Medium, Hard or Insane and can host different Operating Systems; Linux, Windows, FreeBSD, and more.
Challenges
Challenges are bite-sized applications for different pentesting techniques. These come in three main difficulties, specifically Easy, Medium, and Hard, as per the coloring of their entries on the list. Their scope? To be attacked by you.
Sherlocks
Sherlocks are defensive investigatory scenarios designed to provide hands-on practice in replicating real-life cases.
Prolabs
These consist of enclosed corporate networks of Machines using different operating systems, different security configurations, different vulnerabilities, and exploitation paths while simulating a real corporate environment.
Retired Content
Retired content has been retired from our active labs and/or offerings and is no longer available on our free servers. In the case of Machines, the last few to be retired are still available to free users. We release one new Machine every week and also retire one Machine at the same time. Retired content does not give Points or Ownership.
Ranks, Points, and Game Elements of Hack The Box
Points, Badges, First Bloods, and Respect Points will help you climb the Global Rankings of Hack The Box, improve your Hacker Rank, and ultimately testify to your skillset in Cyber Security. These can be seen on any public profile by anyone. If you’ve got the skills and the points/tank to show for it, you won’t go unnoticed!
Your only objective here is to grind and learn. In the end, it will be worth it.
Points
The Points system is straightforward. Each Machine, Challenge, Endgame, or Fortress completed will offer you a number of Points that is based on its complexity. This way, harder tasks will earn you more Points, where easy ones will not earn you as many. The Points contribute to your overall position on the global and regional scoreboards.
Points are allocated based on a number of variables, such as user/root owns and challenges completed. Each Machine/Challenge displays the number of Points earned upon completion.
Points are calculated using the following Points Formula:
(userOwnPoints + systemOwnPoints + challengeOwnPoints + fortressOwnPoints + endgameOwnPoints + userBloodPoints + systemBloodPoints + challengeBloodPoints) * ownershipPercentage
It's worth noting that while Points are directly correlated to your global ranking, they are not what dictates your Hacker Rank.
Ranks
Sometimes referred to as your Hacker Rank, Ranks are achieved by increasing the total % of Ownership of active Machines and Challenges. The levels and required % are the following:
Noob >= 0%,
Script Kiddie > 5%,
Hacker > 20%,
Pro Hacker > 45%,
Elite Hacker > 70%,
Guru > 90% and
Omniscient = 100%
As you level up, you gain certain perks and features. For example, Fortresses unlock at Hacker, and Endgames unlock at Guru.
The Ownership % Formula can be seen here:
(ActiveSystemOwns + (ActiveUserOwns / 2) + (ActiveChallengeOwns / 10)) / (activeMachines + (activeMachines / 2) + (activeChallenges / 10)) * 100
General Game Elements
Note that only Active Machines and Active Challenges offer any Points or Ownership upon completion. These consist of tasks that do not have any available write-up and have been recently made public for everyone to solve.
Once a Machine, Challenge, Fortress, or Endgame is retired, the points attributed to any user ever for solving that particular task will turn into 0. This means that every weekend, on retiring day, everyone's Ownership will drop with the number of Points equal to the Point value of the retired content for that week.
This means that users who were about to reach the next rank will have to work a little more until they hit it. This, however, does not mean that anyone loses their rank.
For example, if you've just hit the rank Hacker and have 0 progress towards Pro Hacker, and a Machine is retired, you will not be de-ranked back to Script Kiddie. You will keep your 0% progress towards Pro Hacker together with your current Hacker rank.
We've put this system in place to ensure that everyone gets the rank they deserve based on their skills, but if for any reason a user needs to stay inactive for a period of time, they will not lose their rank as they've already proven their skills for that position.
First Blood is a big thing in video games, so we've ported it over to our approach to the gaming paradigm. Once a new Machine or Challenge released, everyone has the chance to get First Blood on it.
This will display their name on the Machine or Challenge's dedicated page and also award them more points upon submitting the flags than a normal own would.
It's an excellent reason to level up your hacking skills and prove yourself to the community.
Points and the Leaderboard are updated once a day and not in real-time.
Points that show up on the profile get updated the moment you own a Machine and the moment a Machine retires.
Respect Points can also be awarded to other users. To offer your respect point to a user for creating a Machine, Challenge, or just in general for being a really neat person, you can visit their profile and click on the Respect button. You will appear under their profile as a person who offered that user Respect.
Free and VIP account
At Hack The Box, we provide Free, VIP and VIP+ accounts.
Free accounts have access to the 20 weekly Active Machines and Active Challenges.
VIP accounts have access to all available Hack The Box Machines (both Active and Retired), and they are able to view the official write-ups and videos for each Retired Machine.
If you'd like to make a subscription to either VIP, our Pro Labs, or simply just to view the status of your current subscriptions, you can head over to the Billing&Plans page.
Here you can find your current available Hack The Box credit, which you can use to purchase services, and the status of your Subscriptions for our labs.
If you'd like to find out more about VIP, you can always visit this link or click on the Purchase button next to the VIP Subscription entry on this page.
Both will contain all the information needed for you to make a decision on the VIP pack. Still, we guarantee that you will immediately fall in love with all the new features it unlocks and with how much it can accelerate the learning process for a new user!
The Dashboard
The Dashboard will be your landing page after logging in, from here you can navigate to all pages of the platform using the left side menu.
One more important tab is the profile page, you can access it from the top-right and you can edit many profile-related settings from there, find out more in this article :
Progress Analysis
On the Overview tab, you can see your current progress in the different labs with the option to filter by time period.
Below is your skill breakdown for both Machines and Challenges. You can click on View More for more detailed information.
Below these, you can also track your progress on our Fortress and Endgame labs. Each separate one will be displayed under their respective category.
Scrolling even further down towards the end of the page, you can find your progress report for our Pro Labs line-up. You can use the navigation arrows to switch between the different Pro Labs.
Badges
With each feat that you accomplish as a community member of Hack The Box, we've made sure to reward you with a congratulatory Badge! Your Badges appear both on your public and your community profile on the platform. They contain a short description of the feat you accomplished to obtain the Badge.
You can think of them as video game achievements. For all intents and purposes, they prove to the world that you're a dedicated player with a keen eye to detail and an appetite for curiosity!
To view your Badges, one only needs to navigate to your Profile and click on their respective tab. Scrolling down will present the viewer with all the different categories.