#academy-announcements

Channel for updates relating to academy(new modules etc)

New module!

Active Directory Trust Attacks
Hard
Offensive
Tier III

https://academy.hackthebox.com/course/preview/active-directory-trust-attacks

New module!

Introduction to Binary Fuzzing

Tier: III
Difficulty: Hard
Category: Offensive
Description:

Fuzzing is a powerful software testing technique that deliberately introduces chaos into your applications. By bombarding your code with unexpected or malformed inputs, fuzzing reveals hidden bugs and security vulnerabilities that might otherwise go unnoticed. This module will explore the history, theory, and practical applications of fuzzing, teaching you how to use this technique to find critical issues in software.

https://academy.hackthebox.com/course/preview/introduction-to-binary-fuzzing

Major module update!

Attacking Authentication Mechanisms
(Part of CWEE)

Entirely new module content and exercises 🔥
Already own the module? You get the new content for free! 🥳

Tier: III
Difficulty: Medium
Category: Offensive
Description:

Authentication plays an essential role in almost every web application. If a vulnerability arises in the application's authentication mechanism, it could result in unauthorized access, data loss, or potentially even remote code execution, depending on the application's functionality. This module will provide an overview of various access control methods, such as JWT, OAuth, and SAML, and potential attacks against each.

https://academy.hackthebox.com/module/details/170

🚀 Academy Tutoring Upgrade! 🚀

Hey Academy Community,

We're revamping our tutoring system! Say goodbye to Discord tutoring and hello to Academy Solutions – a step-by-step solutions for every module question directly on our platform. This is only available for Gold & Silver Annual Subscribers.

Why using Academy Solutions? It will help you overcome learning blockers and conquer complex concepts with ease. Upgrade to annual now and accelerate your cybersecurity journey!

New module!

Introduction to Windows Evasion Techniques

Tier: III
Difficulty: Hard
Category: Offensive
Description:

In this module we will cover the basics of evading antivirus solutions (Windows Defender specifically) from an attackers point-of-view.

https://academy.hackthebox.com/course/preview/introduction-to-windows-evasion-techniques

New module!

DACL Attacks II

Tier: III
Difficulty: Hard
Category: Offensive
Description:

In this second module on Discretionary Access Control Lists (DACLs), we delve into sophisticated attack techniques and strategies within Windows Active Directory environments. Building on the foundation laid in DACL Attacks I, this module explores other DACL misconfigurations and their exploitation. We also introduce methods for detecting and mitigating these DACL-based attacks, equipping learners with both offensive and defensive skills crucial for safeguarding and compromising Active Directory networks.

https://academy.hackthebox.com/course/preview/dacl-attacks-ii

All pending CDSA & CBBH exams should now be graded.(5/20/24)

New module!

Intro to C2 Operations with Sliver

Tier: III
Difficulty: Hard
Category: Offensive
Description:

Active Directory is present in over 90% of corporate environments and it is the prime target for attacks. This module covers the attack chain from getting the initial foothold within a corporate environment to compromising the whole forest with Sliver C2 and other open-source tools.

https://academy.hackthebox.com/course/preview/intro-to-c2-operations-with-sliver

Hey all,

Quick reminder to everyone regarding the HTB Account.

Please make sure to create one, and link your HTB Academy account to it.

More information on how to do so can be found here:https://help.hackthebox.com/en/articles/8937845-htb-account-for-academy

[Major Module Update]

Intro to Academy

The 'Intro to Academy' module has been fully rewritten to be a better "and more fun" guide for new joiners, as well as an excellent references for existing users.
Check it out to understand the vision of HTB Academy and better plan your way through it 😎

[Major Module Update]

Broken Authentication
(Part of CBBH)

Entirely new module content and exercises 🔥
Already own the module? You get the new content for free! 🥳

Tier: II
Difficulty: Medium
Category: Offensive
Description:

Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.

[Major Module Update]

Information Gathering - Web Edition
(Part of CBBH)

Entirely new module content and exercises 🔥
Already own the module? You get the new content for free! 🥳

Tier: II
Difficulty: Easy
Category: Offensive
Description:

This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.

[New Module]

API Attacks

Best practice for using and attacking APIs 🔥
Will be replacing Web Services & API Attacks soon, as part of CBBH

Tier: II
Difficulty: Medium
Category: Offensive
Description:

Web APIs serve as crucial connectors across diverse entities in the modern digital landscape. However, their extensive functionality also exposes them to a range of potential attacks. This module introduces API Attacks, with a specific focus on the OWASP API Security Top 10 - 2023.

[New Module]

Windows Lateral Movement

Tier: III
Difficulty: Medium
Category: Offensive
Description:

Windows lateral movement involves techniques to navigate and control remote systems within a network, primarily after gaining initial access. It is crucial in offensive and defensive cybersecurity strategies, allowing attackers to escalate privileges, access sensitive data, and expand their network presence while helping defenders understand, identify, and mitigate such movements. This module delves into various lateral movement techniques on Windows systems, providing a comprehensive understanding and practical examples of executing and defending against these methods.

[Major Module Update]

Server-side Attacks
(Part of CBBH)

Entirely new module content and exercises 🔥
Already own the module? You get the new content for free! 🥳

Tier: II
Difficulty: Medium
Category: Offensive
Description:

A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.

[New Module]

Web Fuzzing

Learn about various web and API fuzzing tools and techniques 🔥
Will be replacing Attacking Web Applications with Ffuf soon, as part of CBBH

Tier: 0
Difficulty: Easy
Category: Offensive
Description:

In this module, we explore the essential techniques and tools for fuzzing web applications, an essential practice in cybersecurity for identifying hidden vulnerabilities and strengthening web application security.

[New Module]

MSSQL, Exchange, and SCCM Attacks
(final module in the Active Directory Penetration Tester job role path)

Tier: III
Difficulty: Hard
Category: Offensive
Description:

This module covers attacks targeting tightly incorporated technologies in Active Directory environments such as MSSQL, Exchange, and SCCM, and how to identify them.

[New Job Role Path] 🔥

Active Directory Penetration Tester

Begin your journey towards our next advanced pentesting cert!
Coming later this year

Modules: 15
Sections: 253
Difficulty: Hard
Category: Offensive
Cost: 7100 cubes "or free with Gold Annual Subscription"

The Active Directory Penetration Tester Job Role Path is designed for individuals who aim to develop skills in pentesting large Active Directory (AD) networks and the components commonly found in such environments. This path equips students with the skills needed to evaluate the security of AD environments, navigate complex Windows networks, and identify elusive attack paths. This path includes advanced hands-on labs where participants will practice techniques such as Kerberos attacks, NTLM relay attacks, and the abuse of services like AD Certificate Services (ADCS), Exchange, WSUS, and MSSQL. Students will also learn how to exploit misconfigurations in Active Directory DACLs and Domain Trusts, perform evasion tactics in Windows environments, and leverage Command and Control (C2) frameworks for post-exploitation activities. By combining theoretical foundations with practical exercises and a structured methodology for identifying AD vulnerabilities, this path enables students to conduct professional security assessments on complex AD infrastructures and effectively report security weaknesses discovered by chaining multiple vulnerabilities.

[New Module]

Attacking GraphQL

Learn how to pentest GraphQL APIs 🔥
Will be replacing Session Security soon, as part of CBBH

Tier: II
Difficulty: Medium
Category: Offensive
Description:

GraphQL is a query language for APIs as an alternative to REST APIs. Clients are able to request data through GraphQL queries. If improperly configured or implemented, common web security vulnerabilities such as Information Disclosure, SQL Injection, and Insecure Direct Object Reference (IDOR) may arise.

[Major Module Update]

Login Brute Forcing
(Part of CBBH)

Entirely new module content and exercises 🔥
Already own the module? You get the new content for free! 🥳

Tier: II
Difficulty: Easy
Category: Offensive
Description:

The module contains an exploration of brute-forcing techniques, including the use of tools like Hydra and Medusa, and the importance of strong password practices. It covers various attack scenarios, such as targeting SSH, FTP, and web login forms.

[New Module]

Wi-Fi Penetration Testing Basics

Our first "but not last" module into Wi-Fi pentesting 🔥
No Wi-Fi hardware required! Everything is simulated within Hack The Box Academy! 😎

Tier: II
Difficulty: Medium
Category: Offensive
Description:

In today's digital age, wireless networks are ubiquitous, connecting countless devices in homes, businesses, and public spaces. With this widespread connectivity comes an increased risk of security vulnerabilities that can be exploited by malicious actors. As such, understanding and securing Wi-Fi networks has become a crucial aspect of cybersecurity. Whether you are an aspiring ethical hacker, a network administrator, or simply a tech enthusiast, gaining a solid foundation in Wi-Fi penetration testing is essential for safeguarding your digital environment.

[New Module]

User Behavior Forensics

A new class of defensive content starts today! 📘
Learn how to investigate an attacker's behavior on a post-attack Windows machine. 🔍

Tier: III
Difficulty: Medium
Category: Defensive
Description:

This module covers the critical aspects of user behavior analysis by exploring Windows artifacts. It is specifically designed for digital forensic analysts, incident responders, cybersecurity professionals, and law enforcement officers who seek to investigate the digital footprints left behind by users. It emphasizes examining user-centric artifacts that reveal user activities, preferences, and potential malicious behaviors.

[New Module]

Attacking Wi-Fi Protected Setup (WPS)

A second Wi-Fi pentesting module! 🔥
*No Wi-Fi hardware required! Everything is simulated within Hack The Box Academy! 😎 *

Tier: II
Difficulty: Medium
Category: Offensive
Description:

In this module, we delve into the intricacies of WPS, uncovering the common vulnerabilities that plague this technology. From brute-force attacks to more sophisticated exploitation techniques, we will explore how attackers compromise WPS-enabled networks. By understanding these vulnerabilities and their related attacks, you will gain the knowledge necessary to protect your networks and mitigate the risks associated with WPS.

[New Module]

Malicious Document Analysis

Another defensive module! 📘
Learn how to safely investigate malicious documents and "unpack" their secrets. 🔍

Tier: III
Difficulty: Medium
Category: Defensive
Description:

[New Module]

Wired Equivalent Privacy (WEP) Attacks

Another Wi-Fi pentesting module! 🔥
*No Wi-Fi hardware required! Everything is simulated within Hack The Box Academy! 😎 *

Tier: II
Difficulty: Medium
Category: Offensive
Description:

In this module, we delve into Wired Equivalent Privacy (WEP) and the various attacks that can compromise it. We'll explore how to identify access points configured with WEP and demonstrate different methods to exploit its vulnerabilities. As WEP is an outdated and insecure protocol, understanding its weaknesses is crucial for recognizing the need to upgrade to more secure protocols. This module aims to provide insights into WEP's vulnerabilities and practical techniques for testing its security.

[New Module]

Fundamentals of AI

Your best intro into the world of AI and ML! 🔥
Understand how Artificial Intelligence and Machine Learning work 🧠

Tier: 0
Difficulty: Medium
Category: General
Description:

This module provides a comprehensive guide to the theoretical foundations of Artificial Intelligence (AI). It covers various learning paradigms, including supervised, unsupervised, and reinforcement learning, providing a solid understanding of key algorithms and concepts.

[New Module]

Intro to Academy's Purple Modules

What happens when you mix red & blue?! 🟪

We’re thrilled to unveil Purple Modules — a revolutionary addition to HTB Academy that bridges the gap between offensive and defensive cybersecurity.
These modules offer a seamless, in-depth forensic analysis experience after completing the attack part in each section.

This module also introduces a new module type called Threat Spotlight — bite-sized modules specifically designed to address critical vulnerabilities that are currently impacting the cybersecurity landscape, with a particular focus on significant CVEs.

Tier: 0
Difficulty: Medium
Category: Purple
Description:

This module will introduce you to HTB Academy's Purple modules, which bridge the gap between Offensive and Defensive modules and provide a holistic view of both the attacking and defending perspectives on the covered topics. More specifically, the Purple modules will allow for in-depth forensic analysis through detailed logging, traffic and memory capturing, and an installed DFIR toolset within each target after completing the attack part of each section.

Hey hey!
Milestones are essential; they showcase your endurance and diligence on the road to personal growth! We created new Custom Badges for you to broadcast your commitment to refining your craft with HTB Academy over the years! 
🎖️ Have you collected any badges?
I hope you all cross into next year ready to face it down ✊

[New Certificate]

HTB Certified Active Directory Pentesting Expert (HTB CAPE)
+ 🔥 25% OFF on Gold Annual Plan — for a limited time!

HTB CAPE (Certified Active Directory Pentesting Expert) isn’t your typical certification – it’s a deep dive into the real-world challenges of AD and Windows penetration testing. Whether you're defending your own systems or testing others’, this certification sharpens your skills in identifying and exploiting AD vulnerabilities. It will set you apart in the field of Active Directory security as you master advanced attack paths, complex misconfigurations, and everything in between.

If you're ready to prove your AD pentesting techniques and gain a competitive edge in cybersecurity, the HTB CAPE certification is for you! 🔥

This certification and its associated Active Directory Penetration Tester job-role path are part of our advanced, specialized module series. The Gold Annual Plan gives you immediate access to the full job-role path and exam voucher, along with additional benefits. To celebrate the launch, we’re offering a limited-time 25% discount on the Gold Annual Plan "until Jan 2nd, 2025".

[New Module]

Introduction to Information Security

New to InfoSec? This module is for you! 🔥
This module is your first step into the world of information security 📖

Tier: 0
Difficulty: Fundamental
Category: General
Description:

This theoretical module provides a comprehensive introduction to the foundational components of information security, focusing on the structure and operation of effective InfoSec frameworks. It explores the theoretical roles of security applications across networks, software, mobile devices, cloud environments, and operational systems, emphasizing their importance in protecting organizational assets. Students will gain an understanding of common threats, including malware and advanced persistent threats (APTs), alongside strategies for mitigating these risks. The module also introduces the roles and responsibilities of security teams and InfoSec professionals, equipping students with the confidence to advance their knowledge and explore specialized areas within the field.

[New Module]

Attacking WPA/WPA2 Wi-Fi Networks

Learn how to hack into the most commonly used today Wi-Fi encryption mode! 🔥
*No Wi-Fi hardware required! Everything is simulated within Hack The Box Academy! 😎 *

Tier: III
Difficulty: Medium
Category: Offensive
Description:

This module explores the security challenges of WPA and WPA2 Wi-Fi networks, focusing on WPA/WPA2-Personal and WPA/WPA2-Enterprise. Although these protocols aim to secure wireless communication, attackers can exploit various weaknesses in home and enterprise environments. This module will delve deeper into WPA-Personal and WPA-Enterprise, demonstrating multiple attack vectors to compromise each. Understanding these attack vectors will give you insight into the vulnerabilities that could compromise WPA/WPA2 networks and how to secure them.

[New Module]

Applications of AI in InfoSec

Learn how to build basic AI models and test them 🔥
handle datasets, preprocess data, and implement models for spam classification and malware detection 🧠

Tier: 0
Difficulty: Medium
Category: General
Description:

This module is a practical introduction to building AI models that can be applied to various infosec domains. It covers setting up a controlled AI environment using Miniconda for package management and JupyterLab for interactive experimentation. Students will learn to handle datasets, preprocess and transform data, and implement structured workflows for tasks such as spam classification, network anomaly detection, and malware classification. Throughout the module, learners will explore essential Python libraries like Scikit-learn and PyTorch, understand effective approaches to dataset processing, and become familiar with common evaluation metrics, enabling them to navigate the entire lifecycle of AI model development and experimentation.

[New Module]

Introduction to Penetration Testing

Your door towards penetration testing 🔥
Get to know what penetration testing is and what working in that profession entails 📖

Tier: 0
Difficulty: Fundamental
Category: Offensive
Description:

In this module, we will get into the fundamentals of penetration testing, a critical aspect of cybersecurity theory that explains how professionals in the field operate and underscores the significance of penetration testing within cybersecurity practices.

[Module Update]

Linux Fundamentals

The module has been updated to be more beginner friendly 📖
*Already own the module? You get the new content for free! 🥳 *

Tier: 0
Difficulty: Fundamental
Category: General
Description:

This module covers the fundamentals required to work comfortably with the Linux operating system and shell.

[New Module]

Detecting Access Token Manipulation Attacks

You'll be getting into advanced defensive territory! 📘 ⚠️
Learn how to detect advanced Windows privilege escalation that utilize access token manipulation attacks 🔍

Tier: IV
Difficulty: Hard
Category: Defensive
Description:

This module focuses on Windows privilege escalation techniques through access token manipulation. It covers various topics, including Windows processes, access tokens, token privileges, and token manipulation. By using tools such as API Monitor, Process Monitor, Sysmon, WinDbg, and disassemblers for analysis, we will investigate the relevant event logs and telemetry generated through Event Tracing for Windows (ETW).

[New Job Role Path]

AI Red Teamer
In collaboration with Google

Learn the latest and cutting edge AI pentesting and red teaming techniques with our new AI path.
More modules coming soon

Modules: TBA
Difficulty: Hard
Category: Offensive

The AI Red Teamer Job Role Path, in collaboration with Google, trains cybersecurity professionals to assess, exploit, and secure AI systems. Covering prompt injection, model privacy attacks, adversarial AI, supply chain risks, and deployment threats, it combines theory with hands-on exercises. Aligned with Google’s Secure AI Framework (SAIF), it ensures relevance to real-world AI security challenges. Learners will gain skills to manipulate model behaviors, develop AI-specific red teaming strategies, and perform offensive security testing against AI-driven applications. The path will be gradually expanded with related modules until its completion.

[New Module]

Introduction to Red Teaming AI

Learn the basics and fundamentals of Red Teaming AI 🔴
An intro to red teaming AI and ML systems, covering vulnerabilities and attacks. 🧠

Tier: 1
Difficulty: Medium
Category: Offensive
Description:

This module provides a comprehensive introduction to the world of red teaming Artificial Intelligence (AI) and systems utilizing Machine Learning (ML) deployments. It covers an overview of common security vulnerabilities in these systems and the types of attacks that can be launched against their components.

[New Module]

Network Foundations

Your first step into the world of networking 🌐
Get to know the main networking concepts, network types, principles, components, IP addressing, security, and internet architecture. 🛜

Tier: 0
Difficulty: Fundamental
Category: General
Description:

This course introduces the basic concepts essential to understanding the world of networking. Students will learn about various network types such as LANs and WANs, discuss fundamental networking principles including the OSI and TCP/IP models, and explore key network components like routers and servers. The course also covers important topics such as IP addressing, network security, and internet architecture, providing a comprehensive overview of networking that is crucial for any IT professional.

[New Module]

Wi-Fi Evil Twin Attacks

Tier: III
Difficulty: Medium
Category: Offensive
Description:

This module explores the concept of evil twin attacks on Wi-Fi networks, focusing on WPA2, WPA3, and WPA-Enterprise. Despite these protocols being designed with strong security measures, they remain vulnerable to social engineering and rogue access point attacks. We will delve into both manual and automated methods for executing evil twin attacks, demonstrating practical approaches for each network type. Additionally, we will cover advanced MiTM techniques, including DNS spoofing and SSL interception, to highlight how attackers can exploit compromised connections for data interception.

[New Module]

Process Injection Attacks and Detection

Tier: IV
Difficulty: Hard
Category: Defensive
Description:

This module focuses on understanding the process injection techniques attackers use to execute malicious code within the context of legitimate processes. This detection engineering module covers various injection methods, such as DLL injection, reflective DLL injection, QueueUserAPC, section mapping injection, TLS callbacks, and process hollowing, covering the implementation and detection opportunities of each approach.

[New Module]

Prompt Injection Attacks

Tier: 2
Difficulty: Medium
Category: Offensive
Description:

This module comprehensively introduces one of the most prominent attacks on large language models (LLMs): Prompt Injection. It introduces prompt injection basics and covers detailed attack vectors based on real-world vulnerability reports. Furthermore, the module touches on academic research in the fields of novel prompt injection techniques and jailbreaks.

[New Module]

Pentest in a Nutshell

Your first hands-on penetration test! ⌨️
Go through a guided penetration test simulation, designed from the grounds-up for beginners to introduce you to the world of penetration testing. 💻

Tier: 0
Difficulty: Easy
Category: Offensive
Description:

This module focuses on providing a detailed, guided simulation of a real penetration test, emphasizing the fine details of the penetration testing process. It guides you through each step, from reconnaissance to exploitation, mirroring the techniques and methodologies used by professional penetration testers. It offers hands-on experience in a controlled environment and aims to deepen understanding and sharpen skills essential for effective cybersecurity assessments.

Are you a note-taker? Well, we've made a recent update to Academy for the scribes out there.

We'd like to inform you of the new Academy Notes widget.

Academy Notes helps users stay organized during their learning journey by offering an easy way to take, save, and review notes directly within the HTB Academy platform and specifically to every Module page that has its own note widget.

[New Module]

Android Fundamentals

Get to know Android and get ready for Android pentesting! 📱
Learn about Android basics, including the OS, security, app structure, development styles, app communication, testing setup, and penetration testing.

Tier: 0
Difficulty: Fundamental
Category: General
Description:

This module introduces fundamental concepts of the Android environment, focusing on the operating system, its security features, and the structure of applications. It provides students with details about the different styles of application development and familiarizes them with their development environment. This module also explains how apps communicate in the Android environment, highlighting why this is critical information for their security. Students are also introduced to setting up a testing environment to prepare for the Application Penetration Testing process.

[New Module]

Bypassing Wi-Fi Captive Portals

Identify and bypass wi-fi captive portals! 🛜
*You know those web pages that show when you try to connect to some wifi networks? Learn how to hack those 😈 *

Tier: III
Difficulty: Medium
Category: Offensive
Description:

In this module, we delve into a range of methods for identifying and bypassing captive portals, employing both indirect and direct exploitation techniques. We cover tactics such as MAC spoofing, ARP poisoning, DNS tunneling, and credential interception, alongside direct attack vectors like Cross-Site Scripting (XSS), file upload vulnerabilities, file inclusion, and brute force attacks. Additionally, we will examine client hijacking strategies to extract credentials and circumvent portal restrictions. By understanding these attack methods, we can evaluate and enhance the security of captive portal implementations.

[New Module]

Introduction to Dynamic Analysis with WinDbg

Tier: 4
Difficulty: Hard
Category: Defensive
Description:

This module covers the fundamentals of using the debugger and examines various practical cases where dynamic analysis helps uncover malware TTPs on Windows. It extends to both user-mode and kernel-level debugging, demonstrating how to detect behaviors associated with rootkits or exploits, and how the internal structures of the kernel can reveal the presence of malware.

[Major Module Update]

Setting Up

Your all-in-one penetration testing setting up guide! ⌨️
whether you're starting your first pentest, or updating your pentesting environment as an advanced user, this module has a lot to offer for your setup.

Tier: 0
Difficulty: Fundamental
Category: Offensive
Description:

This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.

[New Module]

AI Data Attacks

Ready for an AI challenge! 🧠
Learn how vulnerabilities in AI data pipelines can be exploited

Tier: 2
Difficulty: Hard
Category: Offensive
Description:

This module explores the intersection of Data and Artificial Intelligence, exposing how vulnerabilities within AI data pipelines can be exploited, ultimately aiming to degrade performance, achieve specific misclassifications, or execute arbitrary code.

[New Module]

Android Application Dynamic Analysis

Tier: 3
Difficulty: Medium
Category: Offensive
Description:

This module focuses on the real-time analysis and manipulation of Android applications to uncover vulnerabilities that arise during execution. By examining how apps behave at runtime, you'll learn to identify weaknesses that static analysis may overlook and explore techniques to intercept, modify, and monitor application behavior. Through hands-on exercises and practical examples, this module equips you with the skills needed to perform effective dynamic assessments of Android apps.

[Module Update]

Password Attacks

*already own the module? You get the new one for free! 🔥 *

Tier: 1
Difficulty: Medium
Category: Offensive
Description:

Passwords are still the primary method of authentication in corporate networks. If strong password policies are not enforced, users often choose weak, easy-to-remember passwords that can be cracked offline and leveraged to escalate access. As penetration testers, we encounter passwords in many forms during our assessments. It's essential to understand how passwords are stored, how they can be retrieved, methods for cracking weak passwords, techniques for using hashes that cannot be cracked, and how to identify weak or default password usage.

[New Module]

LLM Output Attacks

Another AI one! 🧠
Learn about vulnerabilities in LLM outputs, LLM abuse attacks, and mitigation approaches.

Tier: 2
Difficulty: Medium
Category: Offensive
Description:

In this module, we will explore different LLM output vulnerabilities resulting from improper handling of LLM outputs and insecure LLM applications. We will also touch on LLM abuse attacks, such as hate speech campaigns and misinformation generation, with a particular focus on the detection and mitigation of these attacks.

[New Module]

Android Application Malware Analysis

Dig into the dark side of mobile 🔎
Analyze advanced Android malware tactics, detection evasion techniques, and real-world 2FA theft.

Tier: 3

Difficulty: Hard

Category: Offensive

Description:

This module offers a hands-on introduction to the world of Android malware analysis. It covers common malware types, the ways they abuse system permissions, and the techniques used to avoid detection. Students will also explore advanced threats such as embedded stack-based virtual machines and the theft of two-factor authentication tokens. By the end of the course, students will be able to classify malware threats and identify malicious behaviors within Android applications.

[New Module]

Windows Kernel Telemetry & Detection Techniques

Discover how EDR-level detection engineering works behind the scenes 🔁
Understand, build, and harden telemetry-based defenses at the kernel level — covering ETW, VADs, callbacks, minifilters, syscall hooks, WFP drivers, and more.

Tier: 4
Difficulty: Hard
Category: Defensive
Description:

This module offers a deep dive into Windows kernel telemetry mechanisms from a defensive security perspective, covering a broad spectrum of telemetry sources exposed by the operating system kernel. It focuses on Event Tracing for Windows (ETW), kernel-mode drivers, and filtering drivers, exploring their roles in monitoring and analyzing system activity. The module includes the design and implementation of detection logic for various TTPs, using a combination of telemetry sources along with documented and undocumented kernel structures, data, and technologies. The module also dives comprehensively into the kernel-level internals of the various concepts that it presents and analyzes real-world use cases to illustrate their practical application in threat detection.

[New Module]

Detection & OpSec Cyber Range
#targeted-cyber-ops

Detection engineering meets operational security — in a next-gen cyber range. 💥
Launch attacks, generate logs, centralize with Splunk & Wazuh, and refine your tradecraft — all in an isolated purple lab. 🔬

The Detection & OpSec Cyber Range is a personal network sandbox (reusable/disposable infrastructure) purpose-built for hands-on detection engineering and operational security assessments.

Tier: 3
Difficulty: Medium
Category: Purple
Description:

HTB Academy’s Detection & OpSec Cyber Range is an advanced extension of the purple modules, designed to support both detection engineering and operational security assessment following user-driven attack simulations. It features isolated, fully interactive networks with Windows and Linux purple module targets, generating real-time logs and telemetry, all centrally monitored via Splunk and Wazuh. Built for both blue and red team professionals, the range's reusable infrastructure and pre-installed tooling provide a safe and dedicated environment for identifying post-attack artifacts, developing and validating detections, and evaluating tradecraft exposure, without the need to set up or manage complex, technically demanding infrastructure.

[New Module]

Active Directory Hardening - Recon & Initial Access
#mini-module

Learn how to harden AD environments against unauthenticated recon, spoofing attacks, and other early-stage vectors. 🛡️

Tier: 2
Difficulty: Medium
Category: Defensive
Description:

Active Directory (AD) presents a vast attack surface and can be challenging to secure and control. Small changes can have a cascading effect, introducing further issues into the environment. Novel attacks are released periodically, taking advantage of vulnerabilities and abusing default configurations. This module covers remediating common AD findings uncovered during penetration tests and best practices for AD hardening and ongoing maintenance, logging, and detection.

[New Module]

Wi-Fi Password Cracking Techniques

Crack the airwaves 📡
Master Wi-Fi password cracking with tools like Hashcat, rule/mask attacks, rainbow tables, and GPU/cloud-based brute-forcing.

Tier: 2
Difficulty: Medium
Category: Offensive
Description:

This module explores the various techniques used to crack Wi-Fi passwords, from traditional dictionary and brute-force attacks to more advanced strategies like precomputed hash tables, hybrid attacks, and the use of GPU acceleration. Whether you're a penetration tester, cybersecurity enthusiast, or IT professional, this guide will provide a practical overview of the tools, methods, and best practices involved in assessing the strength of wireless network credentials.

🚀 HTB Certified Junior Cybersecurity Associate (HTB CJCA) is here!

Ready to break into cyber security the right way?
HTB CJCA is the first hands-on, entry-level cert that blends Red & Blue Team skills in a real-world exam. 🔥

📚 Build a Solid Foundation — Get the skills to confidently start a career in cyber security.
🔐 Hybrid Skills, Real Impact — Learn both offensive (pen testing) and defensive (SOC, SIEM) techniques.
🧪 Hands-On from Day One — Continuous evaluation across our practical modules in the Junior Cybersecurity Analyst Job-Role Path.
📈 Pathway to Advanced Certs — Be fully prepared to take on HTB's CPTS, CBBH, or CDSA next.

🎯 Perfect for beginners, career switchers, and aspiring cybersecurity analysts.

👉 Start your cyber security journey now:
https://academy.hackthebox.com/preview/certifications/htb-certified-junior-cybersecurity-associate

[New Module]

Android Penetration Testing Automation
#mini-module

Push-button pwnage for mobile apps 📲💥
Learn how to automate Android app testing with MobSF, Quark Engine, Objection, Drozer, and Medusa.

Tier: 3
Difficulty: Medium
Category: Offensive
Description:

This module explores the automation of penetration testing processes for Android applications, using advanced tools to simplify both static and dynamic analysis. It equips students with the techniques needed to efficiently identify and exploit vulnerabilities and strengthen applications against security breaches in real time.

[New Module]

Windows Low Level Detectability

User-mode telemetry meets memory-resident malware 🧬
Learn to intercept syscalls, analyze call stacks, detect DLL injections, and catch evasion techniques in action.

Tier: 4
Difficulty: Hard
Category: Defensive
Description:

This module introduces user-mode thread detection on Windows, focusing on low-level techniques and dynamic analysis. It covers the Win32 API, PE file structures, DLL injection, system call interception, and stack trace analysis. Setting a foundation in detecting suspicious memory activity, evasion methods, and control-flow obfuscation.

🚨 CBBH is becoming CWES 🚨

Big news, Hackers! 🔥 The HTB Certified Bug Bounty Hunter (CBBH) is evolving into the Certified Web Exploitation Specialist (CWES) — aligning your skills with the hottest security roles in today’s market.

Starting October 1, 2025:
💥 Bug Bounty Hunter path ➡ Web Penetration Tester path
💥 HTB CBBH cert ➡ HTB CWES cert (auto-upgrade for current holders!)
💥 50% of the path rebuilt with modern web security content — APIs, GraphQL, and real-world pentesting tactics
💥 Outdated modules retired & replaced with sharper, more relevant ones — no more training for yesterday’s web

📊 What's changing in the path?

Updated modules:
- Information Gathering – Web Edition
- SQL Injection Fundamentals
- Server-side Attacks
- Login Brute Forcing
- Broken Authentication
- File Inclusion

New modules:
- Web Fuzzing
- API Attacks
- Attacking GraphQL
- Attacking Common Applications

Removed modules:
- Attacking Web Applications with Ffuf
- Web Service & API Attacks
- Session Security
- Hacking WordPress

If you've unlocked any of the removed modules, you'll get the respective new ones for free! 🔥

Whether you’re certified, mid-path, or just starting out — this is your chance to level up, prove your skills, and get job-ready for the modern web threat landscape.
Same passion. Same hacking spirit. 💚 Now with a clearer path to the jobs that matter.

📢 We’ll be revealing more details and answering questions very soon — stay tuned!

🔗 Announcement & FAQs:
https://www.hackthebox.com/blog/HTB-CWES-announcement

[New Module]

Attacking AI – Application and System

Exploiting AI beyond the model 🤖💥
Learn how attackers target applications, systems, and orchestration protocols in modern AI deployments.

Tier: 2
Difficulty: Medium
Category: Offensive
Description:

This module explores vulnerabilities at the application and system level in AI deployments, including attacks against the Model Context Protocol (MCP), an orchestration standard introduced in 2024. Learners will uncover how weaknesses in AI’s supporting infrastructure can be identified and exploited.

[New Module]

Android Forensics

From data loss to evidence found 🕵️‍♂️
Master Android forensic tools, rooting methods, log analysis, and deleted file recovery.

Tier: 3
Difficulty: Medium
Category: General
Description:

The Android Forensics module teaches students evidence recovery, system investigation, and data analysis on Android devices. It covers rooting, secure root access, data extraction, and forensic suites like Autopsy, preparing students for real-world scenarios.

[New Skill Path]

With Android Forensics released, we also conclude its skill path! 📱🤖

Android Application Pentesting

Cracking the Droid Code 🔓📲
Master the art of analyzing, exploiting, and investigating Android applications from fundamentals to forensics.

The Android Application Pentesting Skill Path is a hands-on program covering Android fundamentals, security architecture, static and dynamic analysis, malware investigation, penetration testing automation, and digital forensics. Learners use tools like MobSF, Frida, Objection, ALEAPP, and Autopsy to practice rooting devices, bypassing security, and recovering data. Through module exercises and assessments, they build expertise in identifying vulnerabilities, mitigating threats, and performing professional forensic investigations on Android devices.

[New Module]

Windows API Monitoring and Hooking

Hook, log, detect! 🪝🔍
Master Windows API interception, DLL injection, token abuse detection, and EDR driver monitoring.

Tier: 4
Difficulty: Medium
Category: Defensive
Description:

This module introduces the monitoring and hooking techniques for Windows APIs. This technique is used in debugging, reverse engineering, malware analysis and so on. It covers the Win32 API, Windows Internals, interception, and more. It focuses on how to intercept and monitor API calls made by Windows applications in real time, helps to understand how a program interacts with the operating system, manipulate or analyze its behavior, and develop tools for analysis.

[New Module]

Attacking WPA3 Wi-Fi Networks

🔓📡 Crack the future of Wi-Fi!
Master real-world WPA3 attack techniques attackers use today.

Tier: 3
Difficulty: Medium
Category: Offensive
Description:

WPA3 improves upon WPA2 by offering stronger encryption, SAE for personal networks, OWE for open networks, and optional Protected Management Frames. However, it is not immune to attacks. In this module, we’ll explore practical attack vectors against WPA3 implementations, including OWE, SAE, and Enterprise networks (EAP-PWD), highlighting how vulnerabilities and misconfigurations can be exploited in real-world scenarios.

🚨 IT’S OFFICIAL: CBBH ➡ CWES 🚨

The HTB Certified Bug Bounty Hunter (CBBH) is now officially called the HTB Certified Web Exploitation Specialist (CWES)! 🔥

This marks the launch of the new Web Penetration Tester path, packed with cutting-edge content to sharpen your web hacking & pentesting skills.

💥 What Changed?

• CBBH Cert → CWES Cert (auto-upgrade: no extra exam, no extra cost ✅)
• Bug Bounty Hunter Path → Web Penetration Tester Path
• 50% of the path rebuilt with modern web security content
• Outdated modules retired & replaced with sharper, job-relevant ones

🆕 New Modules

• Web Fuzzing "now part of CWES"
• API Attacks "now part of CWES"
• Attacking GraphQL "now part of CWES"
• Information Gathering – Web Edition "previously released"
• Server-side Attacks "previously released"
• Login Brute Forcing "previously released"
• Broken Authentication "previously released"

🔄 Updated Modules

• SQL Injection Fundamentals -> new skills assessment now live
• File Inclusion -> new skills assessment now live
• Using Web Proxies -> Revamped content
• Attacking Common Applications -> now live in path "Thick Client sections to be removed soon"

👋 Removed (but replaced for free if you had them):

• Attacking Web Apps with Ffuf → Web Fuzzing
• Web Service & API Attacks → API Attacks
• Session Security → Attacking GraphQL

✅ What This Means for You

• Already certified? → Your CBBH was auto-converted to CWES on HTB + Credly!
• Free access to all new modules if you owned the replaced ones!

Same passion. Same hacking spirit. 💚
Now aligned directly with industry job roles (Web Pentesters, AppSec Engineers, & more).

🔗 Explore the new path now:
👉 https://academy.hackthebox.com/path/preview/web-penetration-tester

[New Module]

AI Evasion - Foundations

Bypass the Machines 🤖🛡️
Learn to outsmart AI models with cutting-edge evasion techniques

Tier: 2
Difficulty: Medium
Category: Offensive
Description:

This module explores the foundations of inference‑time evasion attacks against AI models, showing how to manipulate inputs to bypass classifiers and force targeted misclassifications in white‑ and black‑box settings.

New Module

AI Evasion - First-Order Attacks

Master adversarial AI attacks 🤖💥
Learn how to exploit model gradients to evade neural network defenses.

Tier: 2
Difficulty: Hard
Category: Offensive
Description:

This module explores gradient-based adversarial attacks that manipulate neural network inputs at inference time, showing how to craft minimal perturbations that cause misclassification through white-box access to model gradients.

New Module

AI Evasion - Sparsity Attacks

Sharpen your evasion tactics 💥🧠
Master L0-focused attacks that alter only the most critical input features.

Tier: 2
Difficulty: Hard
Category: Offensive
Description:

This module explores sparsity-constrained adversarial attacks that minimize the number of modified input features rather than perturbation magnitude, showing how to craft targeted misclassifications by changing only the most impactful pixels through L0-focused optimization and saliency-guided feature selection.

New Module

Linux Process Injections & Detections

Hijack & Hunt! 🧩🐧
Master Linux process injection and detection from both attacker and defender perspectives.

Tier: 4
Difficulty: Hard
Category: Defensive
Description:

This module introduces various Linux process injection techniques, from basic to advanced ones, from both local and remote standpoints. It focuses on how ELF sections and dynamic-linking structures can be abused for execution flow hijacking and evasion while overriding potential memory protections. It also explores the various detection opportunities and dynamic analysis techniques that can be employed for prevention and mitigation tasks.

New Module

Introduction to Linux Forensics

🐧 Dive into Linux Forensics 🕵️
Learn to investigate Linux systems, preserve digital evidence, and uncover attacker traces.

Tier: 2
Difficulty: Medium
Category: Defensive
Description:

This module covers techniques for conducting digital forensics on Linux systems prevalent in enterprise servers and cloud infrastructures. Linux forensics is critical for incident response and cyber investigations to preserve evidence, trace breaches, and support legal proceedings. Using this process, we examine key artifacts like logs, file metadata, and memory dumps to reconstruct timelines and attribute malicious actions.

2x New Module

Wi-Fi Penetration Testing Tools and Techniques

Hack the airwaves! 📡💀
Master advanced Wi-Fi attacks and toolchains used by real-world pentesters.

Tier: 3
Difficulty: Medium
Category: Offensive
Description:

Wireless network penetration testing presents a unique challenge due to the wide variety of technologies, protocols, and security configurations encountered in the field. This module introduces learners to a range of Wi-Fi pentesting tools, each selected to demonstrate techniques suited for different environments and stages of an engagement. By working through practical examples, learners will gain hands-on experience in choosing and applying the right tool for the task.

Attacking Corporate Wi-Fi Networks

Corporate Wi-Fi under fire! 💥📶
Simulate real-world wireless breaches and pivot deep into enterprise networks.

Tier: 3
Difficulty: Medium
Category: Offensive
Description:

This module incorporates a simulated Wi-Fi penetration test from start to finish, emphasizing hands-on techniques that reflect real-world engagements. It involves conducting scoped reconnaissance, assessing wireless configurations, and evaluating common attack surfaces across WPA2, WPA3, and Enterprise deployments. The environment culminates in a demonstration of internal network pivoting, including Active Directory access, all performed within a controlled, simulated environment and in adherence to strict legal and ethical boundaries.

New Job‑Role Path

Wi‑Fi Penetration Tester

Hack the airspace like a pro! ⚡📶
Master every step of a Wi‑Fi penetration test — from reconnaissance to full enterprise compromise.

Tier: 2-3
Difficulty: Medium
Category: Offensive
Description:

The Wi-Fi Penetration Tester Job Role Path is designed for professionals and aspiring security practitioners who want to build expertise in assessing and securing corporate wireless networks. The course provides hands-on training in evaluating the security of Wi-Fi environments, from attacking modern authentication and encryption protocols to simulating real-world attack scenarios such as rogue access points, man-in-the-middle attacks, and credential harvesting. Students will gain practical experience with industry-standard tools and methodologies, learning how to identify vulnerabilities, exploit misconfigurations, and recommend effective countermeasures. By the end of this Path the participants will be equipped with the knowledge and skills required to perform authorized Wi-Fi penetration tests and strengthen the wireless security posture of enterprise corporate environments.

2xNew Modules

AI Privacy

Protect your models from data-leaking attacks 🔐🤖
Learn how attackers infer training data membership and how to defend with differential privacy.

Tier: 2
Difficulty: Medium
Category: Defensive
Description:

This module explores privacy attacks against machine learning models and the differential privacy defenses that protect models from such attacks.

New Module

AI Defense

Harden your AI systems against real attacks 🛡️🤖
Learn how to defend models with adversarial training, tuning, and robust LLM guardrails.

Tier: 2
Difficulty: Medium
Category: Defensive
Description:

In this module, we will explore how to defend AI applications from the attack vectors discussed in the AI Red Teamer path. We will examine adversarial training, adversarial tuning, and LLM guardrails, including the fundamental concepts and practical implementation of these defensive measures.

Job‑Role Path Complete

The AI Red Teamer job-role path is now complete, with a total of 12 modules! 🔥

Master offensive AI security tactics ⚔️🤖
Learn to assess, exploit, and stress‑test AI systems using real adversarial techniques based on the latest cutting-edge research in the field.

Tier: 0-2
Difficulty: Hard
Category: Offensive
Description:

The AI Red Teamer Job Role Path, in collaboration with Google, trains cybersecurity professionals to assess, exploit, and secure AI systems. Covering prompt injection, model privacy attacks, adversarial AI, supply chain risks, and deployment threats, it combines theory with hands-on exercises. Aligned with Google’s Secure AI Framework (SAIF), it ensures relevance to real-world AI security challenges. Learners will gain skills to manipulate model behaviors, develop AI-specific red teaming strategies, and perform offensive security testing against AI-driven applications.

[New Module]

WMI Tradecraft Analysis

Master WMI tradecraft — detect stealthy execution and persistence 🛡️🕵️‍♂️
Learn to analyze, detect, and investigate malicious WMI activity across enterprise environments.

Tier: 4
Difficulty: Medium
Category: Defensive
Description:

This module introduces WMI (Windows Management Instrumentation) based attack and analysis techniques, from both local and remote standpoints. WMI is a core Windows management technology that is frequently abused by attackers for stealthy execution, lateral movement, and persistence. It provides a structured analysis of WMI tradecraft and focuses on how adversaries weaponize WMI and how defenders can detect, hunt, and investigate malicious WMI activity in enterprise environments.

[New Module]

Android Attacks

Master mobile attack techniques! 🔥🕵️
Gain hands‑on skills to uncover and fix Android vulnerabilities.

Tier: 3
Difficulty: Medium
Category: Offensive
Description:

This module introduces common mobile security attacks through a series of hands‑on vulnerable application examples. Students will learn how mobile vulnerabilities arise, how to categorize them based on known mobile security frameworks, how they are exploited in real applications, and how to identify and remediate them using techniques learned in the previous modules.

🚀 CWPE is HERE! 🎉

Introducing the HTB Certified Wi‑Fi Pentesting Expert (HTB CWPE) Certification! 🔥
The certificate accompanying the Wi‑Fi Penetration Tester Job-Role Path.

🌐 Become a Wi‑Fi master!
🛠️ Hands‑on labs for capturing handshakes, cracking keys, deploying evil twins, and many other modern attacks, all without any extra hardware required.
🧠 Learn from the perspective of a modern insider threat and master WPA3 attacks, Evil Twin setups, captive‑portal bypasses, and more!

📚 What you’ll learn:

• 📡 Wi‑Fi basics & security protocols
• 🛠️ WPS & legacy Wi‑Fi attacks
• 🔐 WPA/WPA2 & WPA3 network exploitation
• 👾 Evil Twin & rogue AP techniques
• ⚙️ Password cracking & automation
• 🔄 Pivot from Wi‑Fi to internal networks

🎓 Certification Path:
1️⃣ Complete the Wi‑Fi Penetration Tester Job Role Path (100% ✔️).
2️⃣ Unlock your exam voucher.
3️⃣ Enter the 7‑day lab, submit flags, and write a professional report.
4️⃣ Receive your digital (and soon physical) cert!

🔓 Ready to dive in?

• Upgrade to Gold Annual or Grow plan for full access.
• Start training today and join the elite Wi‑Fi pentesters!

👉 Get started now!

Read more
HTB CWPE

[New Module]

Privilege Escalation Tradecraft Analysis

Unlock the secrets of privilege escalation with precision 🔒
Master the art of detecting and preventing privilege escalations.

Tier: 4
Difficulty: Hard
Category: Defensive
Description:

This module covers the analytical study of privilege escalation tradecraft on Windows, from its role in the attack lifecycle to how it can be detected and investigated. It focuses on how attackers abuse core Windows mechanisms to elevate privileges and bypass access control. Throughout the module, you will analyze real‑world techniques and exploits to understand how they work internally and learn how to translate this knowledge into effective and reliable detection strategies.

We are having issues with our upstream provider that is impacting PwnBox, we are looking into the matter

[New Module]

Persistence Tradecraft Analysis

Master the art of staying hidden! 🚨🕵️
Learn how to keep adversaries on your radar through detection of advanced persistence techniques.

Tier: 4
Difficulty: Hard
Category: Defensive
Description:

This module covers the persistence tradecraft on Windows, from its role in the attack lifecycle to its detection and investigation. Persistence mechanisms allow adversaries to maintain access to compromised systems even after reboots, logoffs, or system interruptions. In Windows environments, attackers often abuse legitimate system features such as Scheduled Tasks, Services, and Registry-based startup mechanisms to ensure their malicious code executes automatically. Understanding how these techniques operate and how they appear in system artifacts is essential for detecting and investigating long-term intrusions. Throughout the module, you will explore real-world persistence mechanisms to understand how they work internally and learn to translate this knowledge into effective, reliable detection rules.

🚀 HTB COAE is finally here. 🎉

Introducing the HTB Certified Offensive AI Expert (HTB COAE) Certification! 🔥
A professional-grade, 7-day practical examination that covers everything from data poisoning to AI privacy.

🧠 Become an AI Red Teaming expert!
You have been crushing the AI Red Teamer Job-Role Path. Now it is time to put those skills to the test 🦾

🎓 Certification Path:
1️⃣ Complete the AI Red Teamer Job Role Path (100% ✔️).
2️⃣ Unlock your exam voucher.
3️⃣ Enter the 7‑day lab, submit flags, and write a professional report.
4️⃣ Receive your digital (and soon physical) cert!

🔓 Ready to dive in?
Upgrade to Silver Annual or Student subscription for full access.

👉 Get started now!

Read more
HTB COAE

Hey all,

We wanted to take a moment and explain the recent changes regarding the Academy 2.0 and the readability, as we have received alot of feedback.

Why the Change?
Our research focused on balancing screen real estate with the optimal reading experience. Here is the reasoning behind the new layout:

• our research shows the ideal line length for comprehension is 60–66 characters per line (CPL).
• The Problem with Legacy: In our legacy version, lines often stretched to 90–134 characters. Research indicated that lines exceeding 80 characters are "intimidating" and are skipped 41% more often.
• Preventing Fatigue: Extremely long lines force the eye to make long "return sweeps," which leads to "undersweep" errors 57% of the time, requiring corrective eye movements that slow down reading.

Our Solution: While 60–66 CPL is technically ideal, we have adjusted the new Academy to 90–100 characters. This provides a better reading rhythm than legacy while preventing the excessive "blank space" that occurs at stricter academic widths.

We've also made the following changes since:

• Increased Content Width: We have expanded the text area to provide more characters per line based on your feedback.
• Hidden Top Navigation: The global menu is now hidden within the module to increase vertical focus space.
• Dynamic Completion Menu: The "Next Section" menu is no longer sticky; it now appears only as you scroll to the end of a section to reduce visual clutter.

We will continue to analyze usability and welcome your feedback as we refine the platform.

New Learn with HTB dropped! PinkDraconian goes over why a popular security post got web developers a bit spicy.

https://youtu.be/kRb4qqG5Vnc