👩‍💻 Project Overview

HackTheBox is an online cybersecurity training platform which allows IT professionals to learn and advance their ethical hacking skills. HackTheBox offers several types of training including the Academy, Capture the Flag, and Battlegrounds. This project will be using the Hacking Labs training, which consists of servers running intentionally vulnerable services and applications. A student can log into these servers or “boxes” through the use of the VPN file provided by HackTheBox.

Throughout the next 30 days, attempt the “active” and “retired” machines available on HackTheBox. This project will be broken down into four total weeks.

🏆 Goal

Learn the basics of hacking tactics and techniques by using tools, scripts, and overall methodologies to find hidden flags. Using HackTheBox as the platform, acquire hands-on experience with easy and medium level boxes. Read write-ups and guides to learn more about the techniques used and tools to find while actively working on a box. The capstone goal is to challenge yourself to find the hidden flags without guides or write-ups after learning the basic methodologies.

👍 The Project

Week #1: Lab Creation & Starting Point

Setup your HackTheBox lab environment with VirtualBox and Kali Linux. Connect to VirtualBox using OpenVPN. Follow along with the “Starting Point” modules. Complete the 4 free modules in tier 0. You will still be able to continue forward without a VIP subscription for the “VIP Tiers”.

Week #2: Tier 1 and 2 Starting Point Modules

Complete Tier 1 and 2 from the “Starting Point” modules. Tier 1 focuses on fundamental exploitation techniques. Tier 2 are full-fledged machines and chain multiple steps together. You’ll need to enumerate, gain an initial foothold, and escalate your privileges to reach root/system.

Week #3: Hacking Labs

Finish Tier 2 from “Starting Point” if not completed already. Then begin with the two retired free machines with the official write-ups provided. Follow along with written guides directly from HackTheBox. Take notes and follow along step-by-step. Ideally the two free boxes will be labeled as easy.

Week #4: Capstone

HackTheBox offers 13 free retired boxes. Choose whichever 2 boxes to work on. Try to stick with easy and medium tiered machines. Follow along with write-ups and videos sourced from the Internet. Attempt one easy machine and one medium machine without any written guides. When stuck, search for hints if possible before referencing written guides.

🎓 Total Machines

4

Finishing this project will include 4 total boxes plus all free modules available in tier 0, 1, 2 in Starting Point.

📚 Resources

• HackTheBox Sign-up
• Introduction to Lab Access
• Introduction to Starting Point
• How to Play Machines
• Ippsec – Video Walkthroughs

NOTE: This list will continue to be updated.