Hack The Box
Roadmap
Feedback
Changelog

Changelog

Follow up on the latest improvements and updates.

RSS

new

improved

Academy

Profile

Introducing public certificate pages

HTB Academy certificate holders now have access to dedicated, public-facing pages for every certification earned. These pages offer a professional, verifiable way to showcase your technical expertise to employers and the community.
How it works:
Users can access these pages directly through their HTB Profile. Clicking on any earned certificate credential takes you to that certificate's dedicated public page.
Key features include:
  • Unique public URL for every earned certification.
  • You can share it on LinkedIn and social media.
  • Verification to confirm the authenticity of your achievement.
👉 View your certificates here
image (20)

new

improved

Academy

HTB Academy 2.0 platform migration

The HTB Academy platform has officially migrated to Academy 2.0. This update establishes the new interface as the primary environment for all learners. It’s faster, smoother, and built to power the next wave of content, features, and skill progression.
The previous interface has been retired to ensure a unified experience across the platform.
👉 Step into Academy 2.0

new

Labs

Academy

Capture The Flag

HTB Profile is now live

HTB Profile introduces a centralized view of your achievements and skills across Hack The Box platforms.
With the HTB Profile, you can:
  • Create a complete overview of your acquired skillset, inside and outside of HTB
  • Track certifications, CTF events, and all HTB achievements in one place.
  • Access an automatically updated profile based on platform activity.
  • Share your profile with peers and recruiters
Learn more about it here.
👉 Access your HTB Profile
Screenshot 2026-02-13 at 18

new

Academy

Enterprise

Defensive

Learn how attackers abuse core Windows mechanisms in new Academy module

The Privilege Escalation Tradecraft Analysis module covers the analytical study of privilege escalation tradecraft on Windows, from its role in the attack lifecycle to how it can be detected and investigated. While completing this module, you will analyze real-world techniques and exploits to understand how they work internally and learn how to translate this knowledge into effective and reliable detection strategies.
Key learning outcomes:
  • Exploring where Windows privilege escalation fits within the attack lifecycle and how elevated access enables attacker objectives
  • Breaking down Windows privilege escalation tradecraft by examining abuse of UAC, access tokens, services, kernel drivers, and COM infrastructure
  • Recognizing and deconstructing real-world Windows privilege escalation techniques, including UAC bypasses, access token manipulation, and service account abuse
  • Leveraging reverse engineering, debugging, and API call flow analysis to reveal how privilege escalation exploits function under the hood
  • Connecting privilege escalation behavior to MITRE ATT&CK and converting technical insight into practical detection, investigation, and response strategies
Privilege Escalation Tradecraft Analysis

new

Academy

Enterprise

Offensive

Introducing the HTB Certified Wi-Fi Pentesting Expert (CWPE)

HTB CWPE is a hands-on, cloud-based certification that brings wireless security training into the modern age. Paired with the WiFi Penetration Tester Job-Role Path, it's one of the few programs to offer a holistic curriculum, real-world practice with WPA3 attacks, and doesn’t require specific hardware or complex setups.
Included in the job-role path and certification are learning material and hands-on labs that focus on how attackers actually approach wireless environments: reconnaissance, exploiting weak configurations, credential attacks, evil twins, captive portals, and full corporate Wi-Fi attack chains for anyone who wants to properly understand and test wireless security, not just check a box.
Get started with HTB CWPE here or learn more on our blog here.
HTB CPWE OG Banner

new

Academy

Enterprise

Offensive

Explore real-world Android vulnerabilities in new Academy module

The
Android Attacks
module provides a structured, hands-on introduction to the most common and impactful security risks affecting modern mobile applications. By completing the module, you will learn how mobile vulnerabilities arise, how to categorize them based on known mobile security frameworks, how they are exploited in real applications, and how to identify and remediate them using techniques learned in the previous modules.
Key learning outcomes:
  • Understanding the OWASP Mobile Top 10 and how modern mobile security risks span apps, APIs, networks, and cryptography
  • Analyzing Android application architecture to identify key mobile attack surfaces and misconfigurations
  • Identifying and exploiting Android vulnerabilities mapped to the OWASP Mobile Top 10, including auth, storage, communication, and cryptography flaws
  • Applying analysis techniques to uncover insecure storage, weak crypto, exposed components, and reverse-engineering gaps
  • Mapping mobile vulnerabilities to real attacker behaviors and applying practical remediation and hardening strategies
Android Attacks (1)

new

Academy

Enterprise

Defensive

Discover WMI (Windows Management Instrumentation) based attack and analysis techniques in new Academy module

The
WMI Tradecraft Analysis
module provides a deep technical analysis of WMI tradecraft from both attacker and defender perspectives. While completing the module, you will learn how WMI is abused for execution, lateral movement, persistence, and stealthy backdoor deployment, as well as how to detect, hunt, and investigate malicious WMI activity using logs, ETW, and low-level artifacts.
Key learning outcomes:
  • Understanding WMI architecture and execution flow, including providers, namespaces, repositories, and COM-based service activation
  • Querying and analyzing WMI data using PowerShell to assess system configuration, processes, and services
  • Identifying malicious and anomalous WMI activity by examining execution context, process relationships, and remote usage patterns
  • Mapping WMI abuse to MITRE ATT&CK techniques and applying monitoring strategies to detect lateral movement, living-off-the-land execution, and persistence in Windows environments
WMI Tradecraft Analysis (1)

new

Labs

Academy

Capture The Flag

Features

HTB Account integration with LetsDefend

HTB Account has now been fully integrated into the LetsDefend platform.
What this means for Community Platform users:
  • Going forward, new registrations to LetsDefend will be available only via an HTB account
  • Existing users will have the option to link their LetsDefend account to an existing HTB account
For a short transition period, there will be two sign-in options:
  • Sign in with an existing LetsDefend account
  • Sign in via an HTB account
image (32)
image (33)

new

Academy

Enterprise

Offensive

Full AI Red Teamer Job Role Path now available

The AI Red Teamer Job Role Path, built in collaboration with Google, is now fully complete!
This path equips cybersecurity professionals with the cutting-edge skills needed to assess, exploit, and secure today’s AI-powered systems. With 12 hands-on modules aligned to Google’s Secure AI Framework (SAIF), you’ll explore everything from prompt injection and model privacy attacks to adversarial AI techniques, supply chain risks, and deployment-level threats.
As you move through the path, you’ll work through real-world AI security scenarios, learning how to influence model behavior, craft AI-specific red teaming strategies, and execute offensive security testing against AI-driven applications.
Modules included in this path are:
  • Fundamentals of AI
  • Applications of AI in InfoSec
  • Introduction to Red Teaming
  • Prompt Injection Attacks
  • LLM Output Attacks
  • AI Data Attacks
  • Attacking AI - Application and System
  • AI Evasion - Foundations
  • AI Evasion - First Order Attacks
  • AI Evasion - Sparsity Attacks
  • AI Privacy
  • AI Defense
Screenshot 2025-12-08 at 1

new

Academy

Enterprise

Defensive

Master AI Privacy and Defense with two new Academy modules

The
AI Privacy
module introduces you to one of the most critical privacy threats in machine learning: the ability to determine whether a specific individual’s data was included in a model’s training set. You’ll explore how overfitting creates detectable behavioral signals, implement real membership inference attacks using the shadow model methodology, and apply industry‑recommended defenses such as differential privacy.
Key learning outcomes:
  • Implementing shadow models and attack classifiers to detect membership based on prediction confidence patterns
  • Understanding differential privacy and applying DP-SGD to train privacy‑preserving models
  • Using PATE to achieve privacy through architectural separation
  • Evaluating and mitigating privacy leakage across machine learning systems
Screenshot 2025-12-08 at 1
The
AI Defense
module introduces you to the strategies and techniques for protecting AI applications from attacks explored in the AI Red Teamer path. You’ll explore how to proactively harden models through adversarial training and tuning, as well as implement LLM guardrails to enforce safety and reliability at the application layer.
Key learning outcomes:
  • Understanding adversarial tuning and applying it to refine model behavior against evolving threats
  • Learning the basic concepts of LLM guardrails and implementing them at the application layer
  • Building multi-layered defenses that combine model-level and application-level safeguards
  • Designing AI applications that maintain security, reliability, and user trust against a variety of attack vectors
Screenshot 2025-12-08 at 1
Load More