Thinking about testing new skills before your next hands-on engagement or certification? Of course you are. Good news: Hack The Box (HTB) has reloaded our stock of Pro Labs with new scenarios to build confidence in your ability to succeed, and with a big discount for the annual plan running until the end of November.

Get access to 26+ Pro Labs and 25% discount on the annual plan using this code on checkout: .

If you are interested in knowing more about Pro Labs and the new additions, read all about it here →

Kickstart your certification journey with the Silver Annual subscription on HTB Academy. Now, we're including an extra HTB CJCA exam voucher, so you can learn the basics of cybersecurity and then proceed to the certification of your choice!

This extra voucher is also available on the Gold Annual plan.

The HTB CJCA certification was designed to help beginners break into cybersecurity with practical, hands-on training. By including it in our annual plans, we’re making it easier to go from zero to pro, all within Hack The Box.

Now, one annual subscription supports your entire certification path:

It’s more value, more progress, and more recognition, all rolled into your HTB plan.

P.S. If you bought your Silver or Gold Annual subscription recently, don't worry! We are also adding this extra voucher for annual plan purchases after September 1, 2025.

Exploring Labs just got a lot easier!

Our new improved search functionality helps you find what you’re looking for based on content relevance, not just content names. Now, if you type Active Directory, you’ll instantly see all related challenges and machines rather than guessing and scrolling to find what you were looking for.

This update makes it easier to:

Two new CTF packs have just dropped, designed to build hands-on expertise in forensics and blockchain.

Featuring nine new challenges (with one more coming soon!) for entry-level cyber defense analysts, this pack includes a diverse set of forensics challenges designed to emulate real-world attack scenarios across network, memory, and host-based evidence. Players will investigate complex, multi-stage intrusions ranging from CVE exploitation and phishing to memory-based evasions and malware persistence.

Complete with 10 challenges built for entry-level penetration testers and security-minded developers, this pack introduces players to the fundamentals of Ethereum smart contracts, transaction mechanics, and on-chain investigation through a progression of realistic, hands-on challenges. From basic account and RPC interaction to reading contract storage and interacting with deployed contracts, participants will learn how blockchain primitives and common Solidity patterns work in practice and how insecure designs can be abused.

We’ve just introduced a major enhancement to how content is displayed across the HTB Enterprise Platform designed to make browsing, managing, and understanding training content faster, clearer, and more consistent.

What’s new?

With this update, it’s now easier to:

The new content cards are currently available in Dedicated Lab view, Dedicated Lab manage, and Academy Lab view with more improvements to other platform pages coming soon!

The module introduces various Linux process injection techniques, from basic to advanced, from both local and remote standpoints. It focuses on how ELF sections and dynamic-linking structures can be abused for execution flow hijacking and evasion while overriding potential memory protections. It also explores the various detection opportunities and dynamic analysis techniques that can be employed for prevention and mitigation tasks.

Key learning outcomes:

mirrors the structure, complexity, and progression of a real-world Active Directory (AD) penetration test or red team engagement. In this scenario, you’ll practice operating covertly without triggering detection mechanisms. Along the way, you'll see detections in near real time and be able to tune your actions accordingly.

After completing the 12 machines and 12 flags included in the lab, you’ll understand how initial access through weak credentials can escalate to full Enterprise Admin control while experiencing first-hand how stealthy movement, credential abuse, and certificate exploitation allow teams to test resilience without touching production.

Learning outcomes include:

Two new time-efficient Professional Lab scenarios are now live: and .

Sidecar and Push are small Active Directory scenarios that simulate real-world Windows environments and contain two machines and two flags each. Sidecar simulates PKI abuse, detecting certificate-based persistence, and how shadow credentials enable stealthy lateral movement. Push covers advanced attack techniques including ClickOnce application exploitation, SCCM coercion, and ADCS exploitation via Golden Certificate attacks.

You’ll gain practical skills in:

We’ve just upgraded how you connect your Hack The Box (HTB) account to Discord, and made it easier than ever to get verified.

✅ No HTB Labs? No problem.

Verification now runs through your HTB Account! To connect, go to the Security Settings section of your HTB Account Portal. Scroll down to the Discord Account section and click Connect.

🌟 Why link your HTB Account to Discord?

👉 Follow the updated steps in our Welcome Guide here!

We’ve given HTB Academy a major facelift to boost your learning experience. Try our Academy 2.0 (Beta) and enjoy:

Try it now and let us know what you think → 💬