What is HackTheBox and how to start

January 01, 2021

When learning Ethical Hacking it is important that, above all, you practice, that is why currently there are many platforms that offer a network of vulnerable machines with which you can practice and improve your ethical hacking skills in a legal and controlled way, there are many, the best to start currently is TryHackMe because, it is a platform where users without any knowledge on the subject can start learning, if you are already in TryHackMe.

Well, on the other hand, there are also more professional platforms, platforms to which access without any knowledge is complex, not impossible, it all depends on the desire and hours that you put, one of these platforms is HackTheBox, something similar to TryHackMe, only, as I said before, more professional.

What is HackTheBox

It is a platform where you can practice and improve your skills in various subdomains of cybersecurity, mainly pentesting, consists of a lot of machines (active and retired) with which you will be able to practice, usually, each machine is solved in a different way to the others, so you will have to inquire for each machine on different technologies, formerly, a web challenge was requested to register on the platform, today, it is not necessary.

First steps in HackTheBox

Once you access as such to the platform, you will find this dashboard, a few months ago HackTheBox updated its aesthetics, looking like this.

Now, what we are interested in are the challenges, so, go to the left menu and click on “Labs”.

There are many categories, in this case, the most commonly used to practice pentesting topics are the “machines”, where, as we said, there will be hundreds of machines in controlled environments and that are designed to be vulnerable, thus giving us the opportunity to learn and reinforce your techniques for when you have to work in offensive security and have to do an audit to a client.

The machines are divided into active and retired, the active ones are free while the retired ones are not, which means that, if you want to practice with them and do not want to pay, you should go for the active ones, which are free, if you want to practice with both active and retired, you will have to pay a subscription.

On the other hand, there are also the challenges, which cover many more topics than just pentesting, and the same classification of active and retired also applies.

HackTheBox, also has a ranking, because, every time you solve machines and challenges you get points (only if the machine or challenge is active, not retired) and, they are points that will allow you to be above or below the national ranking of your country or worldwide.

To finish this little tour, you have the option to connect via VPN to the platform’s labs, this option is located at the top right and you must select which lab you want to connect to so that you can download the corresponding .ovpn file, if you do not know how to connect already having the ovpn file, you can look at the tutorial we did to connect to the TryHackMe VPN, it is the same process for HackTheBox.

How do I get started at HackTheBox

Well, once clear a little about the interface of the platform, if you start from scratch in cybersecurity, first, look at the courses in the Cyber Security and Privacy series, you will learn a lot and, second, to start in HackTheBox without base, it is required that you do the “Started Point” route, designed by HackTheBox where they will teach you the basics so you can start making machines, this route is also found in the menu on the left side of the dashboard.

Finally, something to keep in mind about this platform is that they often exaggerate the difficulty of challenges and machines, there will be machines that will tell you that they are “difficult” and they are really very simple, so whatever the difficulty of a machine, do not let that stop you from doing it, the important thing is to practice so that someday you will be the one to protect the information from third parties, besides knowing that there are other alternatives to HackTheBox, so that you have them in mind and do the most important thing, which is to be constantly learning.

Exodia OS

Exodia OS – The new pentesting system

There are many operating systems focused on cybersecurity, both systems focused on...
Diferencia entre exploit y payload

Difference between Exploit and Payload

Within the offensive security procedures mainly, as in a pentesting or Red Team...
Empezar en HackTheBox

Machines to Start at HackTheBox

If you are thinking about starting in HackTheBox, specifically to start making their...

How to connect to TryHackMe VPN

If you are interested in learning cybersecurity you may have heard of TryHackMe, you...

TryHackMe Vs HackTheBox comparison 2023

HackTheBox and TryHackMe are platforms oriented to training focused mainly on offensive...

What is Pentesting, phases and types

Within computer security, there are several processes that mainly differ in the way they...

Alternatives to HackTheBox

When users passionate about cybersecurity are looking for a platform to reinforce and...