Changelog

Follow up on the latest improvements and updates.

RSS

Finding what you need in a write-up just got easier.
Professional Lab and Cloud Lab write-ups are now available as downloadable PDFs, making it simpler to search, navigate, and reference scenario walkthroughs as you work.
You can download them directly from the Write-ups button in the Details section.
writeup_pdf_download
Argon is the perfect scenario for red teamers looking to train on Active Directory enumeration combined with exploitation in maritime operational systems.
The goal is to assess both the external and internal networks of Argon, a global maritime cargo and vessel transportation company. Explore the environment, pivot across trust boundaries, and evaluate the security of both its enterprise and maritime operational infrastructure.
With Argon, you will engage with techniques such as:
  • Active Directory trust abuse across hybrid environments
  • Web application compromise in cargo management systems
  • Maritime operational service exploitation
  • Pivoting between corporate and production networks
  • Cross-forest attacks and privilege escalation
  • Lateral movement through interconnected infrastructure
5 Machines. 4 Flags. Hard difficulty.
Ready to set sail?
Copy of Pro Labs and Professional Labs Templates - 1080x1350
This module provides a comprehensive introduction to the world of AI-augmented penetration testing. It covers the basic concepts and paradigms, including safe use, prompt engineering, and prompting techniques.
AI-Augmented Pentesting Foundations
The model layer is where modern AI systems are built, tuned, evaluated, and attacked. This module takes you inside it on a real model you run yourself, to see not just how it works but where it breaks.
1200x630
This path is designed to help cybersecurity professionals prepare for the Google Cybersecurity Certificate and is now available on HTB Enterprise platform as part of the LetsDefend acquisition!
By completing this path, you'll gain the knowledge and hands-on experience needed to succeed in the Google Cybersecurity Certificate. Throughout the modules, you'll explore cybersecurity best practices, Linux and scripting fundamentals, threat and vulnerability management, and the use of SIEM technologies in modern security operations.
Modules included in this path are:
  • Network Packet Analysis
  • Incident Response on Windows
  • Incident Response on Linux
  • SOC Fundamentals
  • SIEM 101
  • Linux for Blue Team
  • Introduction to Cryptology
  • Network Log Analysis
  • Job Hunting
  • Network Fundamentals
  • Network Fundamentals II
  • Network Protocols
  • Security Solutions
  • Security Solutions -2
  • Cybersecurity Incident Handling Guide
  • Secure Network Design
  • Network Design and Security Products
  • Network Security
  • Bash Scripting for Blue Team
  • Introduction to Python
  • Python for Blue Team
  • Vulnerability Management
  • Security Audit and Testing
  • Introduction to Bash Scripting (LetsDefend)
Copy of Paths Templates - 1080x1350 (1)
We have introduced a range of AI-powered tools built to help you navigate complex cybersecurity content on HTB Academy.
Key updates:
HTB Coach.
Get contextual technical explanations, summaries, and quizzes based on the specific section you are currently reading.
Multilingual translation.
Dynamically translate module content into Hindi, Arabic, Spanish, French, Chinese, Greek, and Japanese while preserving the correct code blocks and commands.
This is our first step into AI-augmented learning, designed to reduce learning burnout and help you level up faster.
These features will soon also be live for HTB Enterprise teams.
Expand your training with a new exclusive Machine and Sherlock.
PandorasBox
| Exclusive Machine
Target an LLM-integrated system and train on modern attack techniques such as prompt injection and SSRF in this Medium difficulty Linux machine. Manipulate the LLM to access internal services, exploit a backup system for remote code execution, and escalate privileges through command injection in a system management script.
IncipientBreeze-3
| Exclusive Sherlock
Complete the IncipientBreeze investigation series by analyzing the TINYSHELL backdoor used by UNC3886. Apply what you learned on IncipientBreeze-1 & 2 to reverse the malware, decrypt the network traffic and uncover what the attacker did and if they exfiltrated any sensitive files.
Copy of HTB Enterprise Platform Content Releases Templates - 1080x1350
Three new CTF packs have landed, giving you the ability to assess your team’s skills across emerging AI threats, aerospace cyber operations, and industrial control system security.
  • OWASP Top 10 Agentic AI Security takes players through 10 realistic scenarios covering the latest OWASP Top 10 for Agentic Applications 2026 risks, including prompt injection, identity abuse, agent supply chain attacks, and unexpected code execution.
  • Integrated Air Defense challenges players to assess aviation control systems through realistic aerospace scenarios involving RF protocols, avionics buses, AFDX cross-domain controls, and surveillance systems.
  • ICS Security Essentials introduces the fundamentals of securing industrial environments, with scenarios covering industrial protocols, PLC security, OT network analysis, and common weaknesses across critical infrastructure.
Agentic AI_ ICS packs
We have launched a new medium-difficulty defensive module, Introduction to Detection Engineering, on Hack The Box (HTB) Academy. This module introduces the foundational and advanced concepts required to think and operate like a modern detection engineer.
The sections explain how attackers operate within Windows environments and how operating system telemetry exposes those specific behaviors. Through hands-on tasks, you will simulate real-world attack techniques and design functional detection queries to convert raw telemetry into actionable alerts.
Introduction to Detection Engineering

new

Academy

Enterprise

Offensive

Introducing the new Red Team Mindset module

We have released a new medium-difficulty module on HTB Academy, designed to introduce you to the operational and strategic realities of adversary simulation. The Red Team Mindset module covers the foundational concepts of red teaming, explaining how these engagements differ from traditional penetration testing and how they are executed from kickoff to completion.
You will explore the specific roles and responsibilities of red, blue, and white teams during an engagement. The course also addresses critical ethical boundaries, communication protocols with stakeholders, and how artificial intelligence is shifting the landscape of modern adversary simulation.
1200x630 - Red Team Mindset
Load More