Professional Labs allow customers to practice hacking in enterprise-scale networked environments. These labs go far beyond the standard single-machine style of content. They offer simulated corporate networks that can span multiple subnets, technologies, and dozens of machines.
Hack The Box offers both Business and Individual customers several scenarios. Each provides different technique requirements, learning objectives, and difficulty levels, from beginner-friendly to highly advanced.
If you have any questions or would like to learn more about a given scenario, you can contact the Hack The Box Sales Team.
Zephyr - NEW!
Zephyr is an intermediate-level red team simulation environment designed to be attacked to learn and hone your engagement skills and improve your Active Directory enumeration and exploitation skills. Zephyr includes a wide range of essential Active Directory flaws and misconfigurations to allow players to get a foothold in corporate environments.
Zephyr Server Management has been hired by Painters organization to actively maintain their infrastructure as they continue to grow as a business. The organizations are mandated to have quarterly penetration tests and have employed you to actively seek any potential vulnerabilities that could lead to both companies' networks being fully compromised. You are tasked to explore the corporate environment, pivot across trust boundaries, and ultimately attempt to compromise all Painters and Zephyr Server Management entities.
This Red Team Operator Level I lab will expose players to:
Enumeration
Exploitation of a wide range of real-world Active Directory flaws
Relay attacks
Lateral movement and crossing trust boundaries
Pivoting
SQL attacks
Password Cracking
Privilege escalation
Web application attacks
Genesis
Genesis is an ideal first lab that features a wide-range of OWASP Top 10 vulnerabilities, common privilege escalation techniques, and real-world security misconfigurations. It covers how to exploit the vulnerabilities and, importantly, how they can be mitigated.
Genesis LLC is a start-up Cyber Security company. Prior to using their services, a potential client has asked for an internal pentest report of the Genesis network as part of their due diligence. Genesis has tasked you with assessing the security of their internal infrastructure and creating a pentest report. They have asked you to assess the 10.10.110.0/24
range first before moving on to any network beyond.
This Penetration Tester Level I lab will expose players to:
Enumeration
Exploit modification
Lateral movement
Mitigations and best practices
Privilege escalation
Situational awareness
Web application attacks
Breakpoint
Breakpoint is a red team simulation environment, designed to be attacked as a means of learning and honing your engagement skills. It's made for junior penetration testers who are looking to enhance their skill set and senior penetration testers in search of a challenging lab to hone their engagement skills.
BreakPoint LLC is a software development startup that takes security seriously. They have enlisted your services to perform a red team assessment of their environment. The goal of this challenging lab is to gain a foothold, elevate privileges, establish persistence, and move laterally to reach the goal of domain admin.
This Red Team Operator Level II lab will expose players to:
Active Directory enumeration and exploitation
Code review
Evading endpoint protections
Lateral movement
Local privilege escalation
Phishing techniques
Situational awareness
VoIP exploitation
Dante
Dante is a beginner-friendly Professional Lab that provides the opportunity to learn common penetration testing methodologies. Dante LLC have enlisted your services to audit their network. The company has not undergone a comprehensive penetration test in the past, and want to reduce their technical debt. They are concerned that any actual breach could lead to a loss of earnings and reputation damage.
Upon breaching the perimeter, you are required to explore the network, moving laterally and vertically, until you gain administrative control over all hosts. You will level up your skills in information gathering and situational awareness, be able to exploit Windows and Linux Buffer Overflows, gain familiarity with the Metasploit Framework, and much else!
There are many flags to be captured along the way, some on the main attack path and others in side-quests that you must go looking for.
This Penetration Tester Level II lab will expose players to:
Enumeration
Exploit Development
Lateral Movement
Privilege Escalation
Web Application Attacks
Offshore
Offshore is a real-world enterprise environment that features a wide range of modern Active Directory flaws and misconfigurations. Offshore Corp is mandated to have quarterly penetration tests per financial regulatory body compliance requirements, and are focused on patching. The company has completed several acquisitions, with the acquired entities being "plugged in" by means of domain trusts.
If you are able to breach the perimeter and gain a foothold, you are tasked to explore the corporate environment, pivot across trust boundaries, and ultimately attempt to compromise all Offshore Corp entities.
Offshore will test your understanding of Active Directory enumeration, exploitation, and post-exploitation as well as lateral movement, pivoting, and modern web application attacks. Some flags are required to advance through the lab, while others are side-quests that reinforce enumeration and post-exploitation skills.
This Penetration Tester Level III lab will expose players to:
Enumeration
Evading endpoint protections
Exploitation of a wide range of real-world Active Directory flaws
Lateral movement and crossing trust boundaries
Privilege escalation
Web application attacks
RastaLabs
RastaLabs is a red team simulation environment, designed to be attacked as a means of learning and honing your engagement skills. The company provides security and penetration testing services, offering expertise, flexibility, and extensive support before, during, and after each engagement. They have enlisted your services to perform a red team assessment of their secured Active Directory environment.
The goal of this challenging lab is to gain a foothold, elevate privileges, establish persistence and move laterally, in order to reach the goal of Domain Admin. There are many flags to be captured and badges to be gained along the way.
This Red Team Operator Level I lab will expose players to:
Active Directory enumeration and exploitation
A variety of lateral movement techniques
Evading endpoint protections
Exploit development
Persistence techniques
Phishing
Privilege escalation
Cybernetics
Cybernetics is an immersive enterprise Active Directory environment that features advanced infrastructure. Cybernetics LLC has enlisted your services to perform a red team assessment on their environment. Cybernetics has gone through multiple pentest engagements, iteratively hardening their environment each time, and therefore have a more mature security posture. Many protection technologies are present and the modern operating systems are fully updated. The enterprise in this real-world scenario focuses on Microsoft and DevOps/automation technologies.
This is a highly challenging and modern environment that will push you to the limit and put your skills to the test in enumeration, exploitation, lateral movement, persistence, and privilege escalation.
There are many flags to be captured along the way, some on the main attack path and others in side-quests that you must go looking for.
This Red Team Operator Level II lab will expose players to:
Active Directory enumeration and exploitation
Breakout
Evading endpoint protections
Kerberos abuse
Lateral movement
Phishing
Privilege escalation
Web application attacks
APTLabs
APTLabs simulates a targeted attack by an external threat agent against an MSP (Managed Service Provider). The lab requires prerequisite knowledge of attacking Active Directory networks. APTLabs consists of fully patched servers, prevalent enterprise technologies, a simulated WAN network, and much more!
Your goal is to compromise all client networks and reach Domain Admin wherever possible. On completion of this lab, you will be familiar with long-lasting TTPs, how to abuse enterprise technology and be a true google-ninja.
This is an extremely challenging lab that will put your skills to the ultimate test.
This Red Team Operator Level III lab will expose players to:
Active Directory enumeration and exploitation
Bypassing security features such as 2FA, JEA, and WDAC
Exploiting interactive users
Kerberos attacks
Lateral movement between multiple forests
Reaching your goals without using any CVEs