new
Labs
Offensive
New time-efficient Pro Labs available on HTB Labs
Control, Push, Sidecar and Intercept are now available on HTB Labs!
Control
and Intercept
are small Active Directory scenarios that simulate configuration gaps in enterprise systems. - Control (2 machines, 3 flags) focuses on multi-stage attacks involving web exploitation, abuse of management tooling (OSCTRL / osquery), and operational misconfigurations
- Intercept (2 machines, 2 flags) covers common AD weaknesses, demonstrating relay and authentication coercion attacks to gain domain access
Skills you’ll build:
- Web exploitation and container escape
- Credential discovery and misuse
- NTLM relay and authentication coercion
- Active Directory Certificate Services (ADCS) abuse
Sidecar
and Push
are small Active Directory scenarios simulating real-world Windows environments (2 machines, 2 flags each).- Sidecar focuses on PKI abuse, certificate-based persistence, and shadow credentials for stealthy lateral movement
- Push explores advanced techniques like ClickOnce exploitation, SCCM coercion, and ADCS Golden Certificate attacks
Skills you’ll build:
- Shadow Credential and Kerberos attacks
- Privilege abuse and malicious shortcut files
- ClickOnce and SCCM exploitation
- ADCS Golden Certificate attacks
- Advanced lateral movement in Windows environments
