Hack The Box
Roadmap
Feedback
Changelog
Back to changelog
Powered by Canny

new

Labs

Enterprise

Offensive

Defensive

Attack and defend on the recent Next.js vulnerability

Enhance your exploitation and investigation skills with our new
CVE-2025-29927
scenario combo!
In the first part, you’ll take on the role of an attacker in an offensive Challenge. Your goal is to emulate the actions of a threat actor: trace their path, exploit the CVE, and retrieve the flag.
Next, you’ll switch gears with our latest Sherlock, where you’ll become the investigator. You'll analyze logs across the application stack to piece together how the attack unfolded.
Learning outcomes:
  • Understand how CVE-2025-29927 is exploited
  • Learn to trace attacker behaviors through log analysis
  • Practice hands-on skills along a threat actor's attack chain
  • Build confidence in both threat emulation and incident investigation
Start practicing with Dedicated Labs→
Don't have access to HTB Enterprise Platform?
Start a 14-day business trial FOR FREE →
Want to add new skills to your utility kit?
Login to HTB Labs today →
HTB_Sherlocks-Machines_NeuroSync & NeuroSync-D_1200x675