When learning Ethical Hacking it is important that, above all, you practice, that is why currently there are many platforms that offer a network of vulnerable machines with which you can practice and improve your ethical hacking skills in a legal and controlled way, there are many, the best to start currently is TryHackMe because, it is a platform where users without any knowledge on the subject can start learning, if you are already in TryHackMe.
Well, on the other hand, there are also more professional platforms, platforms to which access without any knowledge is complex, not impossible, it all depends on the desire and hours that you put, one of these platforms is HackTheBox, something similar to TryHackMe, only, as I said before, more professional.
What is HackTheBox
It is a platform where you can practice and improve your skills in various subdomains of cybersecurity, mainly pentesting, consists of a lot of machines (active and retired) with which you will be able to practice, usually, each machine is solved in a different way to the others, so you will have to inquire for each machine on different technologies, formerly, a web challenge was requested to register on the platform, today, it is not necessary.
First steps in HackTheBox
Once you access as such to the platform, you will find this dashboard, a few months ago HackTheBox updated its aesthetics, looking like this.
Now, what we are interested in are the challenges, so, go to the left menu and click on “Labs”.
There are many categories, in this case, the most commonly used to practice pentesting topics are the “machines”, where, as we said, there will be hundreds of machines in controlled environments and that are designed to be vulnerable, thus giving us the opportunity to learn and reinforce your techniques for when you have to work in offensive security and have to do an audit to a client.
The machines are divided into active and retired, the active ones are free while the retired ones are not, which means that, if you want to practice with them and do not want to pay, you should go for the active ones, which are free, if you want to practice with both active and retired, you will have to pay a subscription.
On the other hand, there are also the challenges, which cover many more topics than just pentesting, and the same classification of active and retired also applies.
HackTheBox, also has a ranking, because, every time you solve machines and challenges you get points (only if the machine or challenge is active, not retired) and, they are points that will allow you to be above or below the national ranking of your country or worldwide.
To finish this little tour, you have the option to connect via VPN to the platform’s labs, this option is located at the top right and you must select which lab you want to connect to so that you can download the corresponding .ovpn file, if you do not know how to connect already having the ovpn file, you can look at the tutorial we did to connect to the TryHackMe VPN, it is the same process for HackTheBox.
How do I get started at HackTheBox
Well, once clear a little about the interface of the platform, if you start from scratch in cybersecurity, first, look at the courses in the Cyber Security and Privacy series, you will learn a lot and, second, to start in HackTheBox without base, it is required that you do the “Started Point” route, designed by HackTheBox where they will teach you the basics so you can start making machines, this route is also found in the menu on the left side of the dashboard.
Finally, something to keep in mind about this platform is that they often exaggerate the difficulty of challenges and machines, there will be machines that will tell you that they are “difficult” and they are really very simple, so whatever the difficulty of a machine, do not let that stop you from doing it, the important thing is to practice so that someday you will be the one to protect the information from third parties, besides knowing that there are other alternatives to HackTheBox, so that you have them in mind and do the most important thing, which is to be constantly learning.