The path introduces learners to the most critical security risks affecting modern mobile applications.

Featuring 10 hands-on challenges inspired by real-world scenarios, participants will develop practical skills in analyzing mobile apps, understanding how mobile architectures operate, and identifying weaknesses that can impact application security.

With challenge difficulty ranging from Easy to Medium, this path helps learners build the knowledge and methodology required to assess mobile applications and uncover security issues commonly encountered in modern mobile environments.

These latest updates to the User Management tab streamline team assignment by allowing Admins on HTB Enterprise Platform to bulk-add users to new or existing teams.

With the new unified “Add to Team” action, you can create new teams with a selected set of users or quickly add those users to an existing team using search. This makes team management faster and more efficient at scale, especially for large organizations handling recurring user assignments.

HTB Academy certificate holders now have access to dedicated, public-facing pages for every certification earned. These pages offer a professional, verifiable way to showcase your technical expertise to employers and the community.

Users can access these pages directly through their HTB Profile. Clicking on any earned certificate credential takes you to that certificate's dedicated public page.

Key features include:

The HTB Academy platform has officially migrated to Academy 2.0. This update establishes the new interface as the primary environment for all learners. It’s faster, smoother, and built to power the next wave of content, features, and skill progression.

The previous interface has been retired to ensure a unified experience across the platform.

Shinra is a full-scale, medium-difficulty scenario consisting of 14 Machines and 12 flags. It demonstrates how covert techniques can bypass EDR, avoid SOC detection, and abuse trusted systems. Designed for users who want to transition from pentesting to red team engagements.

We have also released two Mini Pro Lab scenarios:

The Covenant simulation is a highly realistic Linux penetration testing scenario mirroring a corporate network secured by a VPN.

The incident response team faces a critical security challenge due to an alarming surge in alerts. They must immediately coordinate a defense to uncover and eliminate a deeply hidden attacker foothold within the network.

The investigation's scope is to meticulously trace and document the attacker's subtle control expansion, analyze logs, identify compromised systems, and understand lateral movement. The paramount objective is complete threat neutralization to prevent catastrophic exploitation, such as data exfiltration, sabotage, or a complete operational shutdown.

Two new Professional Lab scenarios are now available on the HTB Enterprise Platform!

is an advanced-level Active Directory attack chain designed to evaluate penetration testing capabilities in hybrid Windows-Linux environments. Participants begin with zero initial access and must systematically escalate privileges to achieve Domain Administrator-level compromise. It consists of 2 machines and 2 flags.

is a medium-to-advanced Active Directory lab focused on realistic enterprise domain exploitation within a Windows-based environment. Participants enumerate exposed services, gain initial domain access, and progressively escalate privileges through misconfigurations in authentication, credential management, and delegated permissions to ultimately obtain full domain-level control. It consists of 2 machines and 2 flags.

New exclusive content has been released on Dedicated Labs featuring full system compromise on a Linux machine and compromised endpoints.

EscapeRoom is an easy Linux machine demonstrating full system compromise through insecure development practices and vulnerable third‑party dependencies. Exploiting this vulnerability achieves full privilege escalation and complete system compromise, illustrating the critical risks posed by unpatched dependencies, exposed development services, and insecure production configurations.

This Sherlock scenario provides players with the opportunity to use Autopsy to perform forensic analysis on a compromised endpoint. Through this exercise, players will learn how to use Autopsy and its various features to support digital forensic investigations.

HTB Profile introduces a centralized view of your achievements and skills across Hack The Box platforms.

With the HTB Profile, you can:

Learn more about it here.

New advanced filters have been added to the retired tabs to improve content discovery across

With this update, users can:

This enhancement reduces search time and improves navigation across HTB Labs content.