Changelog

Follow up on the latest improvements and updates.

RSS

SOC Range is now available on HTB Enterprise Platform for all Enterprise Workforce Development plans.
SOC Range brings process-driven defensive training into a realistic SOC workflow, giving analysts a simulated alert queue where they can claim investigations, triage incoming alerts, identify false positives, navigate SIEM-like tooling, and execute guided playbooks.
  • Manage active alert queues, personal investigations, and closed cases through Alert Backlog and My Investigations.
  • Use integrated SOC tooling for log analysis, endpoint containment, mailbox remediation, and threat intel or sandbox review.
  • Build operational readiness through guided, alert-specific playbooks, artifact documentation, analyst notes, and automatic report generation.
Spaces just got a big makeover.
The (new) Spaces are introducing a unified structure for organizing and delivering enterprise training content. They now support mixed content types in a single learning path, allowing admins to combine Academy Modules, Machines, Challenges, and Sherlocks instead of managing separate Spaces by content type.
Now you can:
  • Combine theory and hands-on practice into one structured training path
  • Use Public Spaces for organization-wide training or Private Spaces for invite-only programs, assessments, and mission-readiness drills
  • Manage visibility separately from license access, with platform-level progress tracking across Spaces
  • Access a dedicated leaderboard and progress metrics based on wholistic knowledge domain completion
This update reduces duplicate setup and learner context switching by moving training organization from content silos to mission-based Spaces.
We have launched two new preparation tracks on HTB Labs to help you prepare for the HTB Certified Junior Cybersecurity Associate (HTB CJCA) and Certified Active Directory Pentesting Expert (HTB CAPE) examinations of HTB Academy. These tracks are designed to reinforce the practical skills taught in their respective job-role paths through targeted, hands-on environments.
HTB CJCA Preparation Track
This track helps you practice the core hands-on skills required for the HTB CJCA exam. You will face focused Machines that cover enumeration, exploitation, privilege escalation, and basic security analysis.
HTB CAPE Preparation Track
Built for advanced learners preparing for the HTB CAPE exam, this track features complex Active Directory labs. You will test your skills in advanced enumeration, lateral movement, privilege escalation, and full domain compromise.
Finding what you need in a write-up just got easier.
Professional Lab and Cloud Lab write-ups are now available as downloadable PDFs, making it simpler to search, navigate, and reference scenario walkthroughs as you work.
You can download them directly from the Write-ups button in the Details section.
writeup_pdf_download
Argon is the perfect scenario for red teamers looking to train on Active Directory enumeration combined with exploitation in maritime operational systems.
The goal is to assess both the external and internal networks of Argon, a global maritime cargo and vessel transportation company. Explore the environment, pivot across trust boundaries, and evaluate the security of both its enterprise and maritime operational infrastructure.
With Argon, you will engage with techniques such as:
  • Active Directory trust abuse across hybrid environments
  • Web application compromise in cargo management systems
  • Maritime operational service exploitation
  • Pivoting between corporate and production networks
  • Cross-forest attacks and privilege escalation
  • Lateral movement through interconnected infrastructure
5 Machines. 4 Flags. Hard difficulty.
Ready to set sail?
Copy of Pro Labs and Professional Labs Templates - 1080x1350
This module provides a comprehensive introduction to the world of AI-augmented penetration testing. It covers the basic concepts and paradigms, including safe use, prompt engineering, and prompting techniques.
AI-Augmented Pentesting Foundations
The model layer is where modern AI systems are built, tuned, evaluated, and attacked. This module takes you inside it on a real model you run yourself, to see not just how it works but where it breaks.
1200x630
This path is designed to help cybersecurity professionals prepare for the Google Cybersecurity Certificate and is now available on HTB Enterprise platform as part of the LetsDefend acquisition!
By completing this path, you'll gain the knowledge and hands-on experience needed to succeed in the Google Cybersecurity Certificate. Throughout the modules, you'll explore cybersecurity best practices, Linux and scripting fundamentals, threat and vulnerability management, and the use of SIEM technologies in modern security operations.
Modules included in this path are:
  • Network Packet Analysis
  • Incident Response on Windows
  • Incident Response on Linux
  • SOC Fundamentals
  • SIEM 101
  • Linux for Blue Team
  • Introduction to Cryptology
  • Network Log Analysis
  • Job Hunting
  • Network Fundamentals
  • Network Fundamentals II
  • Network Protocols
  • Security Solutions
  • Security Solutions -2
  • Cybersecurity Incident Handling Guide
  • Secure Network Design
  • Network Design and Security Products
  • Network Security
  • Bash Scripting for Blue Team
  • Introduction to Python
  • Python for Blue Team
  • Vulnerability Management
  • Security Audit and Testing
  • Introduction to Bash Scripting (LetsDefend)
Copy of Paths Templates - 1080x1350 (1)
We have introduced a range of AI-powered tools built to help you navigate complex cybersecurity content on HTB Academy.
Key updates:
HTB Coach.
Get contextual technical explanations, summaries, and quizzes based on the specific section you are currently reading.
Multilingual translation.
Dynamically translate module content into Hindi, Arabic, Spanish, French, Chinese, Greek, and Japanese while preserving the correct code blocks and commands.
This is our first step into AI-augmented learning, designed to reduce learning burnout and help you level up faster.
These features will soon also be live for HTB Enterprise teams.
Expand your training with a new exclusive Machine and Sherlock.
PandorasBox
| Exclusive Machine
Target an LLM-integrated system and train on modern attack techniques such as prompt injection and SSRF in this Medium difficulty Linux machine. Manipulate the LLM to access internal services, exploit a backup system for remote code execution, and escalate privileges through command injection in a system management script.
IncipientBreeze-3
| Exclusive Sherlock
Complete the IncipientBreeze investigation series by analyzing the TINYSHELL backdoor used by UNC3886. Apply what you learned on IncipientBreeze-1 & 2 to reverse the malware, decrypt the network traffic and uncover what the attacker did and if they exfiltrated any sensitive files.
Copy of HTB Enterprise Platform Content Releases Templates - 1080x1350
Load More