New Job-Role Training Path: Active Directory Penetration Tester! Learn More

Web Requests

This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

4.76

Created by 21y4d

Fundamental General

Summary

This module introduces key fundamentals that must be mastered to be successful in information security. Understanding web requests is essential for understanding how web applications work, which is necessary before attempting to attack or secure any web application. This makes this module the very first step in web application penetration testing.

This module will deliver these concepts through two main tools: cURL and the Browser DevTools. These tools are among the essential tools in any web penetration tester's arsenal, and this module will start you on the path to mastering them.

In addition to the above, this module will cover:

  • An overview of the HyperText Transfer Protocol (HTTP)
  • An overview of the Hypertext Transfer Protocol Secure (HTTPS)
  • HTTP requests and responses and their headers
  • HTTP methods and response codes
  • Common HTTP methods such as GET, POST, PUT, and DELETE
  • Interacting with APIs

CREST CPSA/CRT-related Sections:

  • All sections

CREST CCT APP-related Sections:

  • All sections

CREST CCT INF-related Sections:

  • All sections

This module is broken down into sections with accompanying hands-on exercises to practice each of the tactics and techniques we cover. The module ends with a practical hands-on skills assessment to gauge your understanding of the various topic areas.

You can start and stop the module at any time and pick up where you left off. There is no time limit or "grading," but you must complete all of the exercises and the skills assessment to receive the maximum number of cubes and have this module marked as complete in any paths you have chosen.

As you work through the module, you will see example commands and command output for the various topics introduced. It is worth reproducing as many of these examples as possible to reinforce further the concepts presented in each section. You can do this in the PwnBox provided in the interactive sections or in your virtual machine.


The module is classified as "Fundamental" and assumes a working knowledge of the Linux command line and an understanding of information security fundamentals. Though not mandatory, we recommend taking these modules before/along with this module:

  • Introduction to Networking
  • Linux Fundamentals

HyperText Transfer Protocol (HTTP)

Today, the majority of the applications we use constantly interact with the internet, both web and mobile applications. Most internet communications are made with web requests through the HTTP protocol. HTTP is an application-level protocol used to access the World Wide Web resources. The term hypertext stands for text containing links to other resources and text that the readers can easily interpret.

HTTP communication consists of a client and a server, where the client requests the server for a resource. The server processes the requests and returns the requested resource. The default port for HTTP communication is port 80, though this can be changed to any other port, depending on the web server configuration. The same requests are utilized when we use the internet to visit different websites. We enter a Fully Qualified Domain Name (FQDN) as a Uniform Resource Locator (URL) to reach the desired website, like www.hackthebox.com.


URL

Resources over HTTP are accessed via a URL, which offers many more specifications than simply specifying a website we want to visit. Let's look at the structure of a URL: url_structure

Here is what each component stands for:

Component Example Description
Scheme http:// https:// This is used to identify the protocol being accessed by the client, and ends with a colon and a double slash (://)
User Info admin:password@ This is an optional component that contains the credentials (separated by a colon :) used to authenticate to the host, and is separated from the host with an at sign (@)
Host inlanefreight.com The host signifies the resource location. This can be a hostname or an IP address
Port :80 The Port is separated from the Host by a colon (:). If no port is specified, http schemes default to port 80 and https default to port 443
Path /dashboard.php This points to the resource being accessed, which can be a file or a folder. If there is no path specified, the server returns the default index (e.g. index.html).
Query String ?login=true The query string starts with a question mark (?), and consists of a parameter (e.g. login) and a value (e.g. true). Multiple parameters can be separated by an ampersand (&).
Fragments #status Fragments are processed by the browsers on the client-side to locate sections within the primary resource (e.g. a header or section on the page).

Not all components are required to access a resource. The main mandatory fields are the scheme and the host, without which the request would have no resource to request.


HTTP Flow

HTTP_Flow

The diagram above presents the anatomy of an HTTP request at a very high level. The first time a user enters the URL (inlanefreight.com) into the browser, it sends a request to a DNS (Domain Name Resolution) server to resolve the domain and get its IP. The DNS server looks up the IP address for inlanefreight.com and returns it. All domain names need to be resolved this way, as a server can't communicate without an IP address.

Note: Our browsers usually first look up records in the local '/etc/hosts' file, and if the requested domain does not exist within it, then they would contact other DNS servers. We can use the '/etc/hosts' to manually add records to for DNS resolution, by adding the IP followed by the domain name.

Once the browser gets the IP address linked to the requested domain, it sends a GET request to the default HTTP port (e.g. 80), asking for the root / path. Then, the web server receives the request and processes it. By default, servers are configured to return an index file when a request for / is received.

In this case, the contents of index.html are read and returned by the web server as an HTTP response. The response also contains the status code (e.g. 200 OK), which indicates that the request was successfully processed. The web browser then renders the index.html contents and presents it to the user.

Note: This module is mainly focused on HTTP web requests. For more on HTML and web applications, you may refer to the Introduction to Web Applications module.


cURL

In this module, we will be sending web requests through two of the most important tools for any web penetration tester, a Web Browser, like Chrome or Firefox, and the cURL command line tool.

cURL (client URL) is a command-line tool and library that primarily supports HTTP along with many other protocols. This makes it a good candidate for scripts as well as automation, making it essential for sending various types of web requests from the command line, which is necessary for many types of web penetration tests.

We can send a basic HTTP request to any URL by using it as an argument for cURL, as follows:

[!bash!]$ curl inlanefreight.com

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
...SNIP...

We see that cURL does not render the HTML/JavaScript/CSS code, unlike a web browser, but prints it in its raw format. However, as penetration testers, we are mainly interested in the request and response context, which usually becomes much faster and more convenient than a web browser.

We may also use cURL to download a page or a file and output the content into a file using the -O flag. If we want to specify the output file name, we can use the -o flag and specify the name. Otherwise, we can use -O and cURL will use the remote file name, as follows:

[!bash!]$ curl -O inlanefreight.com/index.html
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 464    0 464    0     0  17858      0 --:--:-- --:--:-- --:--:-- 18069
[!bash!]$ ls
index.html

As we can see, the output was not printed this time but rather saved into index.html. We noticed that cURL still printed some status while processing the request. We can silent the status with the -s flag, as follows:

[!bash!]$ curl -s -O inlanefreight.com/index.html

This time, cURL did not print anything, as the output was saved into the index.html file. Finally, we may use the -h flag to see what other options we may use with cURL:

[!bash!]$ curl -h
Usage: curl [options...] <url>
 -d, --data <data>   HTTP POST data
 -h, --help <category> Get help for commands
 -i, --include       Include protocol response headers in the output
 -o, --output <file> Write to file instead of stdout
 -O, --remote-name   Write output to a file named as the remote file
 -s, --silent        Silent mode
 -u, --user <user:password> Server user and password
 -A, --user-agent <name> Send User-Agent <name> to server
 -v, --verbose       Make the operation more talkative

This is not the full help, this menu is stripped into categories.
Use "--help category" to get an overview of all categories.
Use the user manual `man curl` or the "--help all" flag for all options.

As the above message mentions, we may use --help all to print a more detailed help menu, or --help category (e.g. -h http) to print the detailed help of a specific flag. If we ever need to read more detailed documentation, we can use man curl to view the full cURL manual page.

In the upcoming sections, we will cover most of the above flags and see where we should use each of them.

Sign Up / Log In to Unlock the Module

Please Sign Up or Log In to unlock the module and access the rest of the sections.

Relevant Paths

This module progresses you towards the following Paths

Bug Bounty Hunter

The Bug Bounty Hunter Job Role Path is for individuals who want to enter the world of Bug Bounty Hunting with little to no prior experience. This path covers core web application security assessment and bug bounty hunting concepts and provides a deep understanding of the attack tactics used during bug bounty hunting. Armed with the necessary theoretical background, multiple practical exercises, and a proven bug bounty hunting methodology, students will go through all bug bounty hunting stages, from reconnaissance and bug identification to exploitation, documentation, and communication to vendors/programs. Upon completing this job role path, you will have become proficient in the most common bug bounty hunting and attack techniques against web applications and be in the position of professionally reporting bugs to a vendor.

Medium Path Sections 266 Sections
Required: 1410
Reward: +330
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 19 Sections
Reward: +20 NEW
A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.
Easy
Path Sections 16 Sections
Reward: +20
WordPress is an open-source Content Management System (CMS) that can be used for multiple purposes.
Easy
Path Sections 6 Sections
Reward: +10
Bug bounty programs encourage security researchers to identify bugs and submit vulnerability reports. Getting into the world of bug bounty hunting without any prior experience can be a daunting task, though. This module covers the bug bounty hunting process to help you start bug bounty hunting in an organized and well-structured way. It's all about effectiveness and professionally communicating your findings.

Cracking into Hack the Box

To be successful in any technical information security role, we must have a broad understanding of specialized tools, tactics, and terminology. This path introduces core concepts necessary for anyone interested in a hands-on technical infosec role. The modules also provide the essential prerequisite knowledge for joining the main Hack The Box platform, progressing through Starting Point through easy-rated retired machines, and solving "live" machines with no walkthrough. It also includes helpful information about staying organized, navigating the HTB platforms, common pitfalls, and selecting a penetration testing distribution. Students will complete their first box during this path with a guided walkthrough and be challenged to complete a box on their own by applying the knowledge learned in the Getting Started module.

Easy Path Sections 42 Sections
Required: 30
Reward: +30
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.

Apache 2021-41773

Path related to ApacheCGI including modules based on web requests and webapps

Medium Path Sections 38 Sections
Required: 160
Reward: +40
Path Modules
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.

Introduction to Web Requests / Apps

A path to build from the foundation of linux fundamentals, how the web and web requests work, and finally exploiting and securing a WebApp.

Easy Path Sections 131 Sections
Required: 340
Reward: +100
Path Modules
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.

Fundamental Technologies 102

Fundamental Technologies 102

Easy Path Sections 106 Sections
Required: 60
Reward: +60
Path Modules
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.

Cambium WebDev 0.1

Base webdev course covering basics of web app hardening and attack

Easy Path Sections 123 Sections
Required: 70
Reward: +70
Path Modules
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

Beginners Path

This path is created specifically for new joiners in Fkon Company.

Easy Path Sections 120 Sections
Required: 200
Reward: +80
Path Modules
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 16 Sections
Reward: +20
WordPress is an open-source Content Management System (CMS) that can be used for multiple purposes.

EIC Pathway

Test Pathway for new EICs

Easy Path Sections 169 Sections
Required: 200
Reward: +120
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.

Sec Eng VIA Level 1

This Job Role Path is for newcomers to information security who aspire to become professional penetration testers. This path covers core security assessment concepts and provides a deep understanding of the specialized tools, attack tactics, and methodology used during penetration testing. Armed with the necessary theoretical background and multiple practical exercises, students will go through all penetration testing stages, from reconnaissance and enumeration to documentation and reporting. Upon completing our first job role path, you will have obtained the practical skills and mindset necessary to perform professional security assessments against enterprise-level infrastructure at a basic to intermediate level.

Medium Path Sections 304 Sections
Required: 1200
Reward: +280
Path Modules
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Medium
Path Sections 33 Sections
Reward: +20
After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation. When you gain initial shell access to the host, it is important to gain situational awareness and uncover details relating to the OS version, patch level, any installed software, our current privileges, group memberships, and more. Windows presents an enormous attack surface and, being that most companies run Windows hosts in some way, we will more often than not find ourselves gaining access to Windows machines during our assessments. This covers common methods while emphasizing real-world misconfigurations and flaws that we may encounter during an assessment. There are many additional "edge-case" possibilities not covered in this module. We will cover both modern and legacy Windows Server and Desktop versions that may be present in a client environment.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Medium
Path Sections 18 Sections
Reward: +20
Once a foothold is gained during an assessment, it may be in scope to move laterally and vertically within a target network. Using one compromised machine to access another is called pivoting and allows us to access networks and resources that are not directly accessible to us through the compromised host. Port forwarding accepts the traffic on a given IP address and port and redirects it to a different IP address and port combination. Tunneling is a technique that allows us to encapsulate traffic within another protocol so that it looks like a benign traffic stream.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.
Medium
Path Sections 14 Sections
Reward: +20
We often encounter large and complex networks during our assessments. We must be comfortable approaching an internal or external network, regardless of the size, and be able to work through each phase of the penetration testing process to reach our goal. This module will guide students through a simulated penetration testing engagement, from start to finish, with an emphasis on hands-on testing steps that are directly applicable to real-world engagements.

Onboarding

welcome to LHIND onboarding

Medium Path Sections 360 Sections
Required: 1950
Reward: +430
Path Modules
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 19 Sections
Reward: +20
Organizations regularly use a standard set of services for different purposes. It is vital to conduct penetration testing activities on each service internally and externally to ensure that they are not introducing security threats. This module will cover how to enumerate each service and test it against known vulnerabilities and exploits with a standard set of tools.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 22 Sections
Reward: +10
Passwords are still the primary method of authentication in corporate networks. If strong password policies are not in place, users will often opt for weak, easy-to-remember passwords that can often be cracked offline and used to further our access. We will encounter passwords in many forms during our assessments. We must understand the various ways they are stored, how they can be retrieved, methods to crack weak passwords, ways to use hashes that cannot be cracked, and hunting for weak/default password usage.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Medium
Path Sections 15 Sections
Reward: +100
This module covers details on Transport Layer Security (TLS) and how it helps to make HTTP secure with the widely used HTTPS. That includes how TLS works, how TLS sessions are established, common TLS misconfigurations, as well as famous attacks on TLS. We will discuss how to identify, exploit, and prevent TLS attacks.

Web Application Testing

Skill path for basic web application testing.

Medium Path Sections 268 Sections
Required: 1570
Reward: +370
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Hard
Path Sections 19 Sections
Reward: +100
This module focuses on discovering Command Injection vulnerabilities in NodeJS servers and exploiting them to control the server.

JEP-Desarrollo

Cursos destinados a capacitación del personal de Desarrollo de JEP

Easy Path Sections 108 Sections
Required: 250
Reward: +90
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.

Sec Eng Foundation

This job role path provides a strong foundation for information security concepts and also those at the start of the journey toward becoming a security professional in Security Engineering.

Easy Path Sections 125 Sections
Required: 70
Reward: +70
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

IPSE Pen Testing Basics

This path covers core security assessment concepts and provides a deep understanding of the specialized tools, attack tactics, and methodology used during penetration testing. Armed with the necessary theoretical background and multiple practical exercises, students will go through all penetration testing stages, from reconnaissance and enumeration to documentation and reporting. Upon completing our first job role path, you will have obtained the practical skills and mindset necessary to perform professional security assessments against enterprise-level infrastructure at a basic to intermediate level.

Medium Path Sections 142 Sections
Required: 390
Reward: +110
Path Modules
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.

(General)

Defense Path (General Path)

Easy Path Sections 209 Sections
Required: 350
Reward: +150
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Medium
Path Sections 11 Sections
Reward: +10
As a penetration tester or red teamer, it is imperative that we understand the tools that we use inside and out and also have the ability to write out own, even simple, tools if we are on an assessment with certain constraints such as no internet or the requirement to use a customer provided host as our "attack box." A strong understanding of DNS as well as the various ways to interact with fundamental when performing any security assessment.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Medium
Path Sections 24 Sections
Reward: +20
This module builds the core foundation for Binary Exploitation by teaching Computer Architecture and Assembly language basics.
Easy
Path Sections 6 Sections
Reward: +10
Bug bounty programs encourage security researchers to identify bugs and submit vulnerability reports. Getting into the world of bug bounty hunting without any prior experience can be a daunting task, though. This module covers the bug bounty hunting process to help you start bug bounty hunting in an organized and well-structured way. It's all about effectiveness and professionally communicating your findings.

Webについて

ここでは、ウェブアプリケーションについて広くまなんでいただきます。

Medium Path Sections 39 Sections
Required: 120
Reward: +40
Path Modules
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.

Cyberswat-Web

Cyberswat web path for practice

Medium Path Sections 188 Sections
Required: 840
Reward: +200
Path Modules
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 19 Sections
Reward: +20 NEW
A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.

Information Security Foundations

Information Security is a field with many specialized and highly technical disciplines. Job roles like Penetration Tester & Information Security Analyst require a solid technical foundational understanding of core IT & Information Security topics. This skill path is made up of modules that will assist learners in developing &/or strengthening a foundational understanding before proceeding with learning the more complex security topics. Every long-standing building first needs a solid foundation. Welcome to Information Security Foundations.

Easy Path Sections 191 Sections
Required: 200
Reward: +120
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 23 Sections
Reward: +10
As administrators and Pentesters, we may not always be able to utilize a graphical user interface for the actions we need to perform. Introduction to Windows Command Line aims to introduce students to the wide range of uses for Command Prompt and PowerShell within a Windows environment. We will cover basic usage of both key executables for administration, useful PowerShell cmdlets and modules, and different ways to leverage these tools to our benefit.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

SOClets

Really basic starter package

Easy Path Sections 142 Sections
Required: 180
Reward: +100
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.

Roberto Puente

Plan armado para Roberto Puente

Medium Path Sections 235 Sections
Required: 2200
Reward: +480
Path Modules
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 12 Sections
Reward: +100
This module provides an overview of Active Directory (AD), introduces core AD enumeration concepts, and covers enumeration with built-in tools.
Medium
Path Sections 9 Sections
Reward: +100
This module covers AD enumeration focusing on the PowerView and SharpView tools. We will cover various techniques for enumerating key AD objects that will inform our attacks in later modules.
Medium
Path Sections 36 Sections
Reward: +20
Active Directory (AD) is the leading enterprise domain management suite, providing identity and access management, centralized domain administration, authentication, and much more. Due to the many features and complexity of AD, it presents a large attack surface that is difficult to secure properly. To be successful as infosec professionals, we must understand AD architectures and how to secure our enterprise environments. As Penetration testers, having a firm grasp of what tools, techniques, and procedures are available to us for enumerating and attacking AD environments and commonly seen AD misconfigurations is a must.
Medium
Path Sections 14 Sections
Reward: +100
This module covers AD enumeration focusing on the BloodHound tool. We will cover various techniques for enumerating key AD objects that will inform our attacks in later modules.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 14 Sections
Reward: +20
We often encounter large and complex networks during our assessments. We must be comfortable approaching an internal or external network, regardless of the size, and be able to work through each phase of the penetration testing process to reach our goal. This module will guide students through a simulated penetration testing engagement, from start to finish, with an emphasis on hands-on testing steps that are directly applicable to real-world engagements.
Medium
Path Sections 18 Sections
Reward: +20
Once a foothold is gained during an assessment, it may be in scope to move laterally and vertically within a target network. Using one compromised machine to access another is called pivoting and allows us to access networks and resources that are not directly accessible to us through the compromised host. Port forwarding accepts the traffic on a given IP address and port and redirects it to a different IP address and port combination. Tunneling is a technique that allows us to encapsulate traffic within another protocol so that it looks like a benign traffic stream.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.

Introduction to Appsec

A starting point for anyone new to appsec

Easy Path Sections 68 Sections
Required: 140
Reward: +60
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.

web test

web test web test web test

Easy Path Sections 43 Sections
Required: 120
Reward: +40
Path Modules
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.

CRAI New Hire

Training for new hires based on initial modules selected

Medium Path Sections 252 Sections
Required: 2210
Reward: +490
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Hard
Path Sections 23 Sections
Reward: +200
OSINT (Open-source Intelligence) is a crucial stage of the penetration testing process. A thorough examination of publicly available information can increase the chances of finding a vulnerable system, gaining valid credentials through password spraying, or gaining a foothold via social engineering. There is a vast amount of publicly available information from which relevant information needs to be selected.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Medium
Path Sections 33 Sections
Reward: +20
After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation. When you gain initial shell access to the host, it is important to gain situational awareness and uncover details relating to the OS version, patch level, any installed software, our current privileges, group memberships, and more. Windows presents an enormous attack surface and, being that most companies run Windows hosts in some way, we will more often than not find ourselves gaining access to Windows machines during our assessments. This covers common methods while emphasizing real-world misconfigurations and flaws that we may encounter during an assessment. There are many additional "edge-case" possibilities not covered in this module. We will cover both modern and legacy Windows Server and Desktop versions that may be present in a client environment.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 14 Sections
Reward: +100
This module covers AD enumeration focusing on the BloodHound tool. We will cover various techniques for enumerating key AD objects that will inform our attacks in later modules.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 19 Sections
Reward: +20
Organizations regularly use a standard set of services for different purposes. It is vital to conduct penetration testing activities on each service internally and externally to ensure that they are not introducing security threats. This module will cover how to enumerate each service and test it against known vulnerabilities and exploits with a standard set of tools.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.

VE Fundamentals

This path sets the foundation for all technical assessment paths. The VE Fundamentals foundation is designed for all personnel whether technical or non-technical to gain an awareness for the basics of how assessments happen.

Medium Path Sections 141 Sections
Required: 250
Reward: +90
Path Modules
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.

bp Information Security Foundations

Information Security is a field with many specialized and highly technical disciplines. Job roles like Penetration Tester & Information Security Analyst require a solid technical foundational understanding of core IT & Information Security topics. This skill path is made up of modules that will assist learners in developing &/or strengthening a foundational understanding before proceeding with learning the more complex security topics. Every long-standing building first needs a solid foundation. Welcome to Information Security Foundations.

Easy Path Sections 168 Sections
Required: 150
Reward: +110
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

Beginner Pen Tester

This path is curated for users who are just beginning their penetration testing journeys.

Medium Path Sections 493 Sections
Required: 1370
Reward: +410
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Medium
Path Sections 18 Sections
Reward: +20
Once a foothold is gained during an assessment, it may be in scope to move laterally and vertically within a target network. Using one compromised machine to access another is called pivoting and allows us to access networks and resources that are not directly accessible to us through the compromised host. Port forwarding accepts the traffic on a given IP address and port and redirects it to a different IP address and port combination. Tunneling is a technique that allows us to encapsulate traffic within another protocol so that it looks like a benign traffic stream.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Medium
Path Sections 14 Sections
Reward: +20
This module covers the fundamentals of password cracking using the Hashcat tool.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Medium
Path Sections 33 Sections
Reward: +20
After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation. When you gain initial shell access to the host, it is important to gain situational awareness and uncover details relating to the OS version, patch level, any installed software, our current privileges, group memberships, and more. Windows presents an enormous attack surface and, being that most companies run Windows hosts in some way, we will more often than not find ourselves gaining access to Windows machines during our assessments. This covers common methods while emphasizing real-world misconfigurations and flaws that we may encounter during an assessment. There are many additional "edge-case" possibilities not covered in this module. We will cover both modern and legacy Windows Server and Desktop versions that may be present in a client environment.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.

Redteamer Base I

This Company path serve as foundation of the required skillets to perform as Redteamer.

Easy Path Sections 267 Sections
Required: 400
Reward: +160
Path Modules
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 33 Sections
Reward: +20
After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation. When you gain initial shell access to the host, it is important to gain situational awareness and uncover details relating to the OS version, patch level, any installed software, our current privileges, group memberships, and more. Windows presents an enormous attack surface and, being that most companies run Windows hosts in some way, we will more often than not find ourselves gaining access to Windows machines during our assessments. This covers common methods while emphasizing real-world misconfigurations and flaws that we may encounter during an assessment. There are many additional "edge-case" possibilities not covered in this module. We will cover both modern and legacy Windows Server and Desktop versions that may be present in a client environment.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.

Web App Security

Test web app security path

Medium Path Sections 115 Sections
Required: 480
Reward: +120
Path Modules
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.

Test Path

Let's try this learning path for fun

Easy Path Sections 216 Sections
Required: 1020
Reward: +260
Path Modules
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Medium
Path Sections 14 Sections
Reward: +100
This module covers AD enumeration focusing on the BloodHound tool. We will cover various techniques for enumerating key AD objects that will inform our attacks in later modules.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Easy
Path Sections 16 Sections
Reward: +20
WordPress is an open-source Content Management System (CMS) that can be used for multiple purposes.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.

OSCP - Web Applications/API

This pathway will prepare you for the various elements of web application testing you must understand to pass the OSCP. In many cases, the initial foothold onto a box will involve the exploitation of a web application or API.

Medium Path Sections 183 Sections
Required: 930
Reward: +210
Path Modules
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Easy
Path Sections 16 Sections
Reward: +20
WordPress is an open-source Content Management System (CMS) that can be used for multiple purposes.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.

Getting started

Fundamentals of windows operating system and networking

Easy Path Sections 71 Sections
Required: 50
Reward: +50
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

Foundational Training Path (Step 0)

Foundational technical knowledge.

Easy Path Sections 338 Sections
Required: 800
Reward: +280
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 14 Sections
Reward: +20
This module covers the fundamentals of password cracking using the Hashcat tool.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Easy
Path Sections 14 Sections
Reward: +10
Automating tedious or otherwise impossible tasks is highly valued during both penetration testing engagements and everyday life. Introduction to Python 3 aims to introduce the student to the world of scripting with Python 3 and covers the essential building blocks needed for a beginner to understand programming. Some advanced topics are also covered for the more experienced student. In a guided fashion and starting soft, the final goal of this module is to equip the reader with enough know-how to be able to implement simple yet useful pieces of software.
Medium
Path Sections 24 Sections
Reward: +20
This module builds the core foundation for Binary Exploitation by teaching Computer Architecture and Assembly language basics.
Medium
Path Sections 13 Sections
Reward: +10
Buffer overflows are common vulnerabilities in software applications that can be exploited to achieve remote code execution (RCE) or perform a Denial-of-Service (DoS) attack. These vulnerabilities are caused by insecure coding, resulting in an attacker being able to overrun a program's buffer and overwrite adjacent memory locations, changing the program's execution path and resulting in unintended actions.
Medium
Path Sections 11 Sections
Reward: +10
This module is your first step into Windows Binary Exploitation, and it will teach you how to exploit local and remote buffer overflow vulnerabilities on Windows machines.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.

Blueteam Beginner

Used for blue team beginner meetings

Easy Path Sections 116 Sections
Required: 70
Reward: +70
Path Modules
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.

Beginner

Ce cours est a destination des debutants

Easy Path Sections 153 Sections
Required: 140
Reward: +100
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.

THG Beginner Pathway

Core skills for all members of the OffSec team

Easy Path Sections 172 Sections
Required: 370
Reward: +130
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.

DevSecOps

Baseline para analista devsecops

Medium Path Sections 416 Sections
Required: 1700
Reward: +420
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Easy
Path Sections 14 Sections
Reward: +10
Automating tedious or otherwise impossible tasks is highly valued during both penetration testing engagements and everyday life. Introduction to Python 3 aims to introduce the student to the world of scripting with Python 3 and covers the essential building blocks needed for a beginner to understand programming. Some advanced topics are also covered for the more experienced student. In a guided fashion and starting soft, the final goal of this module is to equip the reader with enough know-how to be able to implement simple yet useful pieces of software.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 19 Sections
Reward: +20 NEW
A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 22 Sections
Reward: +10
Passwords are still the primary method of authentication in corporate networks. If strong password policies are not in place, users will often opt for weak, easy-to-remember passwords that can often be cracked offline and used to further our access. We will encounter passwords in many forms during our assessments. We must understand the various ways they are stored, how they can be retrieved, methods to crack weak passwords, ways to use hashes that cannot be cracked, and hunting for weak/default password usage.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.

CREST CRT

This is a custom learning path to prepare you towards CREST's CRT exam.

Medium Path Sections 663 Sections
Required: 2530
Reward: +610
Path Modules
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Medium
Path Sections 22 Sections
Reward: +10
Passwords are still the primary method of authentication in corporate networks. If strong password policies are not in place, users will often opt for weak, easy-to-remember passwords that can often be cracked offline and used to further our access. We will encounter passwords in many forms during our assessments. We must understand the various ways they are stored, how they can be retrieved, methods to crack weak passwords, ways to use hashes that cannot be cracked, and hunting for weak/default password usage.
Medium
Path Sections 19 Sections
Reward: +20
Organizations regularly use a standard set of services for different purposes. It is vital to conduct penetration testing activities on each service internally and externally to ensure that they are not introducing security threats. This module will cover how to enumerate each service and test it against known vulnerabilities and exploits with a standard set of tools.
Medium
Path Sections 14 Sections
Reward: +20
This module covers the fundamentals of password cracking using the Hashcat tool.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 18 Sections
Reward: +20
Once a foothold is gained during an assessment, it may be in scope to move laterally and vertically within a target network. Using one compromised machine to access another is called pivoting and allows us to access networks and resources that are not directly accessible to us through the compromised host. Port forwarding accepts the traffic on a given IP address and port and redirects it to a different IP address and port combination. Tunneling is a technique that allows us to encapsulate traffic within another protocol so that it looks like a benign traffic stream.
Medium
Path Sections 36 Sections
Reward: +20
Active Directory (AD) is the leading enterprise domain management suite, providing identity and access management, centralized domain administration, authentication, and much more. Due to the many features and complexity of AD, it presents a large attack surface that is difficult to secure properly. To be successful as infosec professionals, we must understand AD architectures and how to secure our enterprise environments. As Penetration testers, having a firm grasp of what tools, techniques, and procedures are available to us for enumerating and attacking AD environments and commonly seen AD misconfigurations is a must.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Medium
Path Sections 33 Sections
Reward: +20
After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation. When you gain initial shell access to the host, it is important to gain situational awareness and uncover details relating to the OS version, patch level, any installed software, our current privileges, group memberships, and more. Windows presents an enormous attack surface and, being that most companies run Windows hosts in some way, we will more often than not find ourselves gaining access to Windows machines during our assessments. This covers common methods while emphasizing real-world misconfigurations and flaws that we may encounter during an assessment. There are many additional "edge-case" possibilities not covered in this module. We will cover both modern and legacy Windows Server and Desktop versions that may be present in a client environment.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Medium
Path Sections 19 Sections
Reward: +20 NEW
A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.
Easy
Path Sections 16 Sections
Reward: +20
WordPress is an open-source Content Management System (CMS) that can be used for multiple purposes.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.

web-common

webアプリケーションの攻撃に必要な各種技術のモジュール

Medium Path Sections 244 Sections
Required: 1260
Reward: +300
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 19 Sections
Reward: +20 NEW
A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.

SANS NETWARS

Bra grund moduler tror jag inför netwars

Easy Path Sections 299 Sections
Required: 530
Reward: +210
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Easy
Path Sections 14 Sections
Reward: +10
Automating tedious or otherwise impossible tasks is highly valued during both penetration testing engagements and everyday life. Introduction to Python 3 aims to introduce the student to the world of scripting with Python 3 and covers the essential building blocks needed for a beginner to understand programming. Some advanced topics are also covered for the more experienced student. In a guided fashion and starting soft, the final goal of this module is to equip the reader with enough know-how to be able to implement simple yet useful pieces of software.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Medium
Path Sections 13 Sections
Reward: +10
Buffer overflows are common vulnerabilities in software applications that can be exploited to achieve remote code execution (RCE) or perform a Denial-of-Service (DoS) attack. These vulnerabilities are caused by insecure coding, resulting in an attacker being able to overrun a program's buffer and overwrite adjacent memory locations, changing the program's execution path and resulting in unintended actions.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.

Web Application Testing

Web Application Web Application

Medium Path Sections 341 Sections
Required: 2880
Reward: +640
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Hard
Path Sections 17 Sections
Reward: +200
Learn how to improve your JavaScript code's security through Code Review, Static/Dynamic Analysis, Vulnerability Identification, and Patching.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Hard
Path Sections 19 Sections
Reward: +100
This module focuses on discovering Command Injection vulnerabilities in NodeJS servers and exploiting them to control the server.
Medium
Path Sections 11 Sections
Reward: +20
Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all web applications hosted on it and potentially gain access to sensitive data or cause a service disruption.
Medium
Path Sections 19 Sections
Reward: +20 NEW
A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Medium
Path Sections 18 Sections
Reward: +20
This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's systems. We will cover how to identify, exploit, and prevent each of them through various methods.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.

TYL-AppSec Fundamentals

Penetration testing requires a fundamental understanding of how computer systems work. This path is composed of modules that cover these topics.

Easy Path Sections 222 Sections
Required: 530
Reward: +170
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.

DCART Journeyman

The journeyman path is to further develop the specific pentest skill that are needed to supplement standard red team skills. This path should not be started until the "DCART Apprentice" path is completed.

Medium Path Sections 323 Sections
Required: 1820
Reward: +420
Path Modules
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 11 Sections
Reward: +10
File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 12 Sections
Reward: +20
Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify and exploit command injection vulnerabilities and how to use various filter bypassing techniques to avoid security mitigations.
Hard
Path Sections 19 Sections
Reward: +100
This module focuses on discovering Command Injection vulnerabilities in NodeJS servers and exploiting them to control the server.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections
Reward: +20
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 13 Sections
Reward: +20
Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software components. Both web services and APIs can assist in integrating different applications or facilitate separation within a given application. This module covers how to identify the functionality a web service or API offers and exploit any security-related inefficiencies.
Easy
Path Sections 16 Sections
Reward: +20
WordPress is an open-source Content Management System (CMS) that can be used for multiple purposes.
Medium
Path Sections 19 Sections
Reward: +20 NEW
A backend that handles user-supplied input insecurely can lead to devastating security vulnerabilities such as sensitive information disclosure and remote code execution. This module covers how to identify and exploit server-side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection attacks.
Medium
Path Sections 22 Sections
Reward: +10
Passwords are still the primary method of authentication in corporate networks. If strong password policies are not in place, users will often opt for weak, easy-to-remember passwords that can often be cracked offline and used to further our access. We will encounter passwords in many forms during our assessments. We must understand the various ways they are stored, how they can be retrieved, methods to crack weak passwords, ways to use hashes that cannot be cracked, and hunting for weak/default password usage.
Medium
Path Sections 11 Sections
Reward: +10
As a penetration tester or red teamer, it is imperative that we understand the tools that we use inside and out and also have the ability to write out own, even simple, tools if we are on an assessment with certain constraints such as no internet or the requirement to use a customer provided host as our "attack box." A strong understanding of DNS as well as the various ways to interact with fundamental when performing any security assessment.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 13 Sections
Reward: +10
Buffer overflows are common vulnerabilities in software applications that can be exploited to achieve remote code execution (RCE) or perform a Denial-of-Service (DoS) attack. These vulnerabilities are caused by insecure coding, resulting in an attacker being able to overrun a program's buffer and overwrite adjacent memory locations, changing the program's execution path and resulting in unintended actions.
Medium
Path Sections 11 Sections
Reward: +10
This module is your first step into Windows Binary Exploitation, and it will teach you how to exploit local and remote buffer overflow vulnerabilities on Windows machines.
Medium
Path Sections 24 Sections
Reward: +20
This module builds the core foundation for Binary Exploitation by teaching Computer Architecture and Assembly language basics.

Cyber Security Fundamentals

This path covers all of the core technical fundamentals required to get a good grounding in cybersecurity. It also provides the basics required to get started on Hack The Box. We recommended this pathway for all those starting in a technical role that need a solid grasp of security concepts.

Easy Path Sections 150 Sections
Required: 90
Reward: +90
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.

Beginner: CyberSecurity Fundamentals

This Path is for Beginners.

Easy Path Sections 150 Sections
Required: 90
Reward: +90
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 23 Sections
Reward: +10
This module covers the fundamentals of penetration testing and an introduction to Hack The Box.

Information Security - Technical Fundamentals

Information Security is a field with many specialized and highly technical disciplines. Job roles like Information Security Analyst & Penetration Tester require a solid technical foundational understanding of core IT & Information Security topics. This skill path is made up of modules that will assist analysts developing &/or strengthening a foundational understanding before proceeding with learning the more complex security topics.

Easy Path Sections 159 Sections
Required: 140
Reward: +100
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

Penetration Testing - Basics

This path covers core security assessment concepts and provides a deep understanding of the specialized tools, attack tactics, and methodology used during penetration testing. Armed with the necessary theoretical background and multiple practical exercises, students will go through all penetration testing stages, from reconnaissance and enumeration to documentation and reporting. Upon completing our first job role path, you will have obtained the practical skills and mindset necessary to perform professional security assessments against enterprise-level infrastructure at a basic to intermediate level.

Medium Path Sections 142 Sections
Required: 390
Reward: +110
Path Modules
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Medium
Path Sections 33 Sections
Reward: +20
Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by developers and sysadmins, and more. It's common to find the same applications across many different environments. While an application may not be vulnerable in one environment, it may be misconfigured or unpatched in the next. It is important as an assessor to have a firm grasp of enumerating and attacking the common applications discussed in this module. This knowledge will help when encountering other types of applications during assessments.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.

OLX Security Champion Level 1 White belt

OLX Security Champion Level 1 White belt

Easy Path Sections 59 Sections
Required: 30
Reward: +30
Path Modules
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

Network Security Team Test Path

Manni Team Test Path das ist ein Test

Medium Path Sections 54 Sections
Required: 130
Reward: +50
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.

CSC3063 Secure Software Development

Content selected for the Secure Software module

Medium Path Sections 84 Sections
Required: 290
Reward: +90
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Medium
Path Sections 14 Sections
Reward: +20
Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense against unauthorized access. Broken authentication is listed as #7 on the 2021 OWASP Top 10 Web Application Security Risks, falling under the broader category of Identification and Authentication failures. A vulnerability or misconfiguration at the authentication stage can impact an application's overall security.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.

Klingelnberg Standard

Dieser Pfad beinhaltet die von Klingelnberg empfohlenen Module die gelernt werden sollten.

Easy Path Sections 118 Sections
Required: 110
Reward: +70
Path Modules
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.

BlueTeam

For SOC and Blue Team Skills

Medium Path Sections 363 Sections
Required: 3070
Reward: +710
Path Modules
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Medium
Path Sections 12 Sections
Reward: +100
This module provides an overview of Active Directory (AD), introduces core AD enumeration concepts, and covers enumeration with built-in tools.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Hard
Path Sections 23 Sections
Reward: +200
OSINT (Open-source Intelligence) is a crucial stage of the penetration testing process. A thorough examination of publicly available information can increase the chances of finding a vulnerable system, gaining valid credentials through password spraying, or gaining a foothold via social engineering. There is a vast amount of publicly available information from which relevant information needs to be selected.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 33 Sections
Reward: +20
After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation. When you gain initial shell access to the host, it is important to gain situational awareness and uncover details relating to the OS version, patch level, any installed software, our current privileges, group memberships, and more. Windows presents an enormous attack surface and, being that most companies run Windows hosts in some way, we will more often than not find ourselves gaining access to Windows machines during our assessments. This covers common methods while emphasizing real-world misconfigurations and flaws that we may encounter during an assessment. There are many additional "edge-case" possibilities not covered in this module. We will cover both modern and legacy Windows Server and Desktop versions that may be present in a client environment.
Medium
Path Sections 9 Sections
Reward: +100
This module covers AD enumeration focusing on the PowerView and SharpView tools. We will cover various techniques for enumerating key AD objects that will inform our attacks in later modules.
Medium
Path Sections 14 Sections
Reward: +100
This module covers AD enumeration focusing on the BloodHound tool. We will cover various techniques for enumerating key AD objects that will inform our attacks in later modules.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Medium
Path Sections 36 Sections
Reward: +20
Active Directory (AD) is the leading enterprise domain management suite, providing identity and access management, centralized domain administration, authentication, and much more. Due to the many features and complexity of AD, it presents a large attack surface that is difficult to secure properly. To be successful as infosec professionals, we must understand AD architectures and how to secure our enterprise environments. As Penetration testers, having a firm grasp of what tools, techniques, and procedures are available to us for enumerating and attacking AD environments and commonly seen AD misconfigurations is a must.

Einstieg

Einsteiger Labs für ein selbes Grundverständnis

Easy Path Sections 219 Sections
Required: 440
Reward: +160
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 9 Sections
Reward: +10
This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often take a lot of time and effort, and this module shows how to prepare efficiently.
Easy
Path Sections 14 Sections
Reward: +10
Automating tedious or otherwise impossible tasks is highly valued during both penetration testing engagements and everyday life. Introduction to Python 3 aims to introduce the student to the world of scripting with Python 3 and covers the essential building blocks needed for a beginner to understand programming. Some advanced topics are also covered for the more experienced student. In a guided fashion and starting soft, the final goal of this module is to equip the reader with enough know-how to be able to implement simple yet useful pieces of software.
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 6 Sections
Reward: +10
Bug bounty programs encourage security researchers to identify bugs and submit vulnerability reports. Getting into the world of bug bounty hunting without any prior experience can be a daunting task, though. This module covers the bug bounty hunting process to help you start bug bounty hunting in an organized and well-structured way. It's all about effectiveness and professionally communicating your findings.
Easy
Path Sections 8 Sections
Reward: +20
Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presented to a broad audience within the target organization. We must take detailed notes and be very organized in our documentation, which will help us in the event of an incident during the assessment. This will also help ensure that our reports contain enough detail to illustrate the impact of our findings properly.
Easy
Path Sections 23 Sections
Reward: +10
As administrators and Pentesters, we may not always be able to utilize a graphical user interface for the actions we need to perform. Introduction to Windows Command Line aims to introduce students to the wide range of uses for Command Prompt and PowerShell within a Windows environment. We will cover basic usage of both key executables for administration, useful PowerShell cmdlets and modules, and different ways to leverage these tools to our benefit.

VOID Bootcamp

VOID web application security fundamentals

Easy Path Sections 102 Sections
Required: 350
Reward: +110
Path Modules
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.

GitGud Fundamentals

Get good at what you are doing. Modules covering the fundamentals of ICT principles and security.

Easy Path Sections 216 Sections
Required: 490
Reward: +170
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 20 Sections
Reward: +10
The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to learn but describes the process of learning adapted to the field of information security. You will learn to understand how and when we learn best and increase and improve your learning efficiency greatly.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 23 Sections
Reward: +10
As administrators and Pentesters, we may not always be able to utilize a graphical user interface for the actions we need to perform. Introduction to Windows Command Line aims to introduce students to the wide range of uses for Command Prompt and PowerShell within a Windows environment. We will cover basic usage of both key executables for administration, useful PowerShell cmdlets and modules, and different ways to leverage these tools to our benefit.
Medium
Path Sections 6 Sections
Reward: +20
This module covers the exploration of Windows Event Logs and their significance in uncovering suspicious activities. Throughout the course, we delve into the anatomy of Windows Event Logs and highlight the logs that hold the most valuable information for investigations. The module also focuses on utilizing Sysmon and Event Logs for detecting and analyzing malicious behavior. Additionally, we delve into Event Tracing for Windows (ETW), explaining its architecture and components, and provide ETW-based detection examples. To streamline the analysis process, we introduce the powerful Get-WinEvent cmdlet.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Easy
Path Sections 11 Sections
Reward: +20
This module provides a concise yet comprehensive overview of Security Information and Event Management (SIEM) and the Elastic Stack. It demystifies the essential workings of a Security Operation Center (SOC), explores the application of the MITRE ATT&CK framework within SOCs, and introduces SIEM (KQL) query development. With a focus on practical skills, students will learn how to develop SIEM use cases and visualizations using the Elastic Stack.
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Easy
Path Sections 18 Sections
Reward: +20
Through network traffic analysis, this module sharpens skills in detecting link layer attacks such as ARP anomalies and rogue access points, identifying network abnormalities like IP spoofing and TCP handshake irregularities, and uncovering application layer threats from web-based vulnerabilities to peculiar DNS activities.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 9 Sections
Reward: +10
Security Incident handling has become a vital part of each organization's defensive strategy, as attacks constantly evolve and successful compromises are becoming a daily occurrence. In this module, we will review the process of handling an incident from the very early stage of detecting a suspicious event, to confirming a compromise and responding to it.
Medium Path Sections 205 Sections
Required: 1330
Reward: +330
Path Modules
Fundamental
Path Sections 8 Sections
Reward: +10
Your first stop in Hack The Box Academy to become acquainted with the platform, its features, and its learning process.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Easy
Path Sections 10 Sections
Reward: +10
This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill for anyone working in a technical information security role. Through the power of automation, we can unlock the Linux operating system's full potential and efficiently perform habitual tasks.
Easy
Path Sections 23 Sections
Reward: +10
As administrators and Pentesters, we may not always be able to utilize a graphical user interface for the actions we need to perform. Introduction to Windows Command Line aims to introduce students to the wide range of uses for Command Prompt and PowerShell within a Windows environment. We will cover basic usage of both key executables for administration, useful PowerShell cmdlets and modules, and different ways to leverage these tools to our benefit.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Easy
Path Sections 11 Sections
Reward: +10
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Hard
Path Sections 17 Sections
Reward: +200
Learn how to improve your JavaScript code's security through Code Review, Static/Dynamic Analysis, Vulnerability Identification, and Patching.
Medium
Path Sections 24 Sections
Reward: +20
This module builds the core foundation for Binary Exploitation by teaching Computer Architecture and Assembly language basics.

CREST CPSA/CRT Preparation

This is a skill path to prepare you for CREST's CPSA and CRT exams. The following CPSA/CRT syllabus areas (IDs) are covered: A1, A2, A3, A4, A5, B1, B4, B5, B6, B8, B9, B13, B14, C1, C2, C3, C4, D1, D2, E1, E2, E3, E4, E5, E9, F1, F2, F3, F4, F5, F6, F7, F8, F9, G1, G2, G4, G5, G6, G7, G8, G9, H1, H2, H3, H4, H5, H6, H8, H9, H10, H11, H12, H13, I1, I2, I3, I6, J1, J2, J3. Take your time to complete all related sections and when you are ready you can book your CREST exam through the following links. CREST CPSA: https://www.crest-approved.org/certification-careers/crest-certifications/crest-practitioner-security-analyst/. CREST CRT: https://www.crest-approved.org/certification-careers/crest-certifications/crest-registered-penetration-tester/.

Medium Path Sections 837 Sections
Required: 6800
Reward: +1480
Path Modules
Fundamental
Path Sections 21 Sections
Reward: +10
As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation in networking, it will be tough to progress in any area of information security. Understanding how a network is structured and how the communication between the individual hosts and servers takes place using the various protocols allows us to understand the entire network structure and its network traffic in detail and how different communication standards are handled. This knowledge is essential to create our tools and to interact with the protocols.
Fundamental
Path Sections 8 Sections
Reward: +10
This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.
Fundamental
Path Sections 17 Sections
Reward: +10
In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an information security perspective.
Fundamental
Path Sections 30 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Linux operating system and shell.
Fundamental
Path Sections 14 Sections
Reward: +10
This module covers the fundamentals required to work comfortably with the Windows operating system.
Easy
Path Sections 23 Sections
Reward: +10
As administrators and Pentesters, we may not always be able to utilize a graphical user interface for the actions we need to perform. Introduction to Windows Command Line aims to introduce students to the wide range of uses for Command Prompt and PowerShell within a Windows environment. We will cover basic usage of both key executables for administration, useful PowerShell cmdlets and modules, and different ways to leverage these tools to our benefit.
Medium
Path Sections 6 Sections
Reward: +20
This module covers the exploration of Windows Event Logs and their significance in uncovering suspicious activities. Throughout the course, we delve into the anatomy of Windows Event Logs and highlight the logs that hold the most valuable information for investigations. The module also focuses on utilizing Sysmon and Event Logs for detecting and analyzing malicious behavior. Additionally, we delve into Event Tracing for Windows (ETW), explaining its architecture and components, and provide ETW-based detection examples. To streamline the analysis process, we introduce the powerful Get-WinEvent cmdlet.
Hard
Path Sections 9 Sections
Reward: +20
This module offers an exploration of malware analysis, specifically targeting Windows-based threats. The module covers Static Analysis utilizing Linux and Windows tools, Malware Unpacking, Dynamic Analysis (including malware traffic analysis), Reverse Engineering for Code Analysis, and Debugging using x64dbg. Real-world malware examples such as WannaCry, DoomJuice, Brbbot, Dharma, and Meterpreter are analyzed to provide practical experience.
Medium
Path Sections 15 Sections
Reward: +10
Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational issues. Offensive security practitioners can use network traffic analysis to search for sensitive data such as credentials, hidden applications, reachable network segments, or other potentially sensitive information "on the wire." Network traffic analysis has many uses for attackers and defenders alike.
Easy
Path Sections 18 Sections
Reward: +20
Through network traffic analysis, this module sharpens skills in detecting link layer attacks such as ARP anomalies and rogue access points, identifying network abnormalities like IP spoofing and TCP handshake irregularities, and uncovering application layer threats from web-based vulnerabilities to peculiar DNS activities.
Fundamental
Path Sections 15 Sections
Reward: +10
This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a penetration tester during a penetration test, explained and illustrated with detailed examples. The module also covers pre-engagement steps like the criteria for establishing a contract with a client for a penetration testing engagement.
Easy
Path Sections 12 Sections
Reward: +10
Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both offensive and defensive security practitioners. This module covers fundamentals that will be needed to use the Nmap tool for performing effective network enumeration.
Medium
Path Sections 21 Sections
Reward: +20
This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting is an essential phase of any penetration test or security audit to identify and prevent information disclosure. Using this process, we examine the individual services and attempt to obtain as much information from them as possible.
Easy
Path Sections 19 Sections
Reward: +20
This module equips learners with essential web reconnaissance skills, crucial for ethical hacking and penetration testing. It explores both active and passive techniques, including DNS enumeration, web crawling, analysis of web archives and HTTP headers, and fingerprinting web technologies.
Easy
Path Sections 17 Sections
Reward: +10
This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration tests, how to carry out a vulnerability assessment, how to interpret the assessment results, and how to deliver an effective vulnerability assessment report.
Medium
Path Sections 10 Sections
Reward: +10
During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging tools commonly available across all versions of Windows and Linux systems.
Medium
Path Sections 17 Sections
Reward: +10
Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilizes a fictitious scenario where the learner will place themselves in the perspective of a sysadmin trying out for a position on CAT5 Security's network penetration testing team.
Easy
Path Sections 15 Sections
Reward: +10
The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, performing privilege escalation attacks, and performing post-exploitation.
Medium
Path Sections 22 Sections
Reward: +10
Passwords are still the primary method of authentication in corporate networks. If strong password policies are not in place, users will often opt for weak, easy-to-remember passwords that can often be cracked offline and used to further our access. We will encounter passwords in many forms during our assessments. We must understand the various ways they are stored, how they can be retrieved, methods to crack weak passwords, ways to use hashes that cannot be cracked, and hunting for weak/default password usage.
Medium
Path Sections 19 Sections
Reward: +20
Organizations regularly use a standard set of services for different purposes. It is vital to conduct penetration testing activities on each service internally and externally to ensure that they are not introducing security threats. This module will cover how to enumerate each service and test it against known vulnerabilities and exploits with a standard set of tools.
Medium
Path Sections 14 Sections
Reward: +20
This module covers the fundamentals of password cracking using the Hashcat tool.
Fundamental
Path Sections 16 Sections
Reward: +10
Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.
Medium
Path Sections 18 Sections
Reward: +20
Once a foothold is gained during an assessment, it may be in scope to move laterally and vertically within a target network. Using one compromised machine to access another is called pivoting and allows us to access networks and resources that are not directly accessible to us through the compromised host. Port forwarding accepts the traffic on a given IP address and port and redirects it to a different IP address and port combination. Tunneling is a technique that allows us to encapsulate traffic within another protocol so that it looks like a benign traffic stream.
Medium
Path Sections 9 Sections
Reward: +100
This module covers AD enumeration focusing on the PowerView and SharpView tools. We will cover various techniques for enumerating key AD objects that will inform our attacks in later modules.
Medium
Path Sections 36 Sections
Reward: +20
Active Directory (AD) is the leading enterprise domain management suite, providing identity and access management, centralized domain administration, authentication, and much more. Due to the many features and complexity of AD, it presents a large attack surface that is difficult to secure properly. To be successful as infosec professionals, we must understand AD architectures and how to secure our enterprise environments. As Penetration testers, having a firm grasp of what tools, techniques, and procedures are available to us for enumerating and attacking AD environments and commonly seen AD misconfigurations is a must.
Easy
Path Sections 28 Sections
Reward: +20
Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and resources to move closer to the assessment's overall goal. There are many ways to escalate privileges. This module aims to cover the most common methods emphasizing real-world misconfigurations and flaws that we may encounter in a client environment. The techniques covered in this module are not an exhaustive list of all possibilities and aim to avoid extreme "edge-case" tactics that may be seen in a Capture the Flag (CTF) exercise.
Medium
Path Sections 33 Sections
Reward: +20
After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation. When you gain initial shell access to the host, it is important to gain situational awareness and uncover details relating to the OS version, patch level, any installed software, our current privileges, group memberships, and more. Windows presents an enormous attack surface and, being that most companies run Windows hosts in some way, we will more often than not find ourselves gaining access to Windows machines during our assessments. This covers common methods while emphasizing real-world misconfigurations and flaws that we may encounter during an assessment. There are many additional "edge-case" possibilities not covered in this module. We will cover both modern and legacy Windows Server and Desktop versions that may be present in a client environment.
Hard
Path Sections 23 Sections
Reward: +100
Kerberos is an authentication protocol that allows users to authenticate and access services on a potentially insecure network. Due to its prevalence throughout an Active Directory environment, it presents us with a significant attack surface when assessing internal networks. This module will explain how Kerberos works thoroughly and examines several scenarios to practice the most common attacks against it from multiple perspectives.
Hard
Path Sections 10 Sections
Reward: +100
The NTLM authentication protocol is commonly used within Windows-based networks to facilitate authentication between clients and servers. However, NTLM's inherent weaknesses make it susceptible to Adversary-in-the-Middle attacks, providing a significant attack vector. This module focuses on the various NTLM relay attacks that attackers use to compromise Active Directory networks.
DACL Attacks I
mini module tag Mini-Module
Hard
Path Sections 7 Sections
Reward: +100
Discretionary Access Control Lists (DACLs), found within security descriptors, are a fundamental component of the security model of Windows and Active Directory, defining and enforcing access to the various system resources. This mini-module will cover enumerating and attacking common DACL misconfigurations, allowing us to escalate our privileges horizontally and vertically and move laterally across an Active Directory network.
Medium
Path Sections 13 Sections
Reward: +10
Buffer overflows are common vulnerabilities in software applications that can be exploited to achieve remote code execution (RCE) or perform a Denial-of-Service (DoS) attack. These vulnerabilities are caused by insecure coding, resulting in an attacker being able to overrun a program's buffer and overwrite adjacent memory locations, changing the program's execution path and resulting in unintended actions.
Medium
Path Sections 11 Sections
Reward: +10
This module is your first step into Windows Binary Exploitation, and it will teach you how to exploit local and remote buffer overflow vulnerabilities on Windows machines.
Easy
Path Sections 15 Sections
Reward: +20
Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best frameworks: Burp Suite and OWASP ZAP.
Easy
Path Sections 13 Sections
Reward: +10
This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this module will help us in locating hidden pages, directories, and parameters when targeting web applications.
Easy
Path Sections 11 Sections
Reward: +20
Learn how to brute force logins for various types of services and create custom wordlists based on your target.
Medium
Path Sections 15 Sections
Reward: +100
This module covers details on Transport Layer Security (TLS) and how it helps to make HTTP secure with the widely used HTTPS. That includes how TLS works, how TLS sessions are established, common TLS misconfigurations, as well as famous attacks on TLS. We will discuss how to identify, exploit, and prevent TLS attacks.
Easy
Path Sections 10 Sections
Reward: +20
Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser and result in complete web application compromise if chained together with other vulnerabilities. This module will teach you how to identify XSS vulnerabilities and exploit them.
Medium
Path Sections 14 Sections
Reward: +20
Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it is set up robustly and securely. This module covers the most common attacks and vulnerabilities that can affect web application sessions, such as Session Hijacking, Session Fixation, Cross-Site Request Forgery, Cross-Site Scripting, and Open Redirects.
Medium
Path Sections 17 Sections
Reward: +10
Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information stored in them. SQL injection is a code injection technique used to take advantage of coding vulnerabilities and inject SQL queries via an application to bypass authentication, retrieve data from the back-end database, or achieve code execution on the underlying server.
Easy
Path Sections 11 Sections