Getting started with hackthebox

Career Path, Labs: Penetration Tester
Challenges: Penetration Tester, Forensics, Malware
Level: All

Until now I never realized that hackthebox also offers free accounts, so I decided to test it and write a short post. 

After a challenge here you can create your login. With the connection pack for openvpn it is possible to connect to the labs with a Kali machine (or any other Linux I guess), easy.

With the free account you can solve challenges and active machines.

Active machines
For owning systems and users there are flags that are stored in files on the machines, for example:

The labs remind me about the OSCP labs, and lots of people are using them for training before the OSCP certification (which might be a good idea, though I did not) or to get an impression about the labs and the exam.

For more information and getting an impression about owning boxes look here, lot’s of walkthoughs for retired boxes.

At the time of this writing 20 machines were online, with different OS versions (Linux, Windows, BSD) and different scenarios. I had a closer look at some boxes and solved one so far in a couple of hours. 

The lab looks really fun, and I would recommend it for everyone who wants to train and learn hacking.

The challenges also look quite good, i had a look but honestly, I am much more into owning. Here are the categories for the challenges:

For solving for example the Stego challenges, you download a file with a hidden message and have to find it. I was surprised that there are also some Forensics challenges, I will defilnetly have a look into those too.

This is definetly a great playground for everyone who is into solving challenges and pwn boxes. I am not sure if hackthebox is good for total beginners, there are no big explanations or tutorials for the machines or what is to do. There are the official forums with hints and some websites offering more in depth explanations, although the rules say that this should not be done, and somehow as an OSCP taker (“Try harder”) this feels like cheating. With the VIP membership you also have the retired machines with walkthroughs.

For your career hands-on and solving challenges is a very important part, so I recommend: sign up.


Coursera courses for free

Like for EDX, it is possible to take coursera courses for free. Here is a short example.

Login (or register if you have no account). Go to the course you want to attend to, in this example I take “Programming Languages, Part A”. Please note that the option described here are not possible for all courses.

On the course page select “Enroll”:

In the pop-up choose “Full course. No certificate” and continue.

And you can start:

Have fun!

EDX courses for free

EDX courses can be taken for free. Of course then you will miss the certificate, but the content is the same. Also you have a time limit for viewing the content, but in my experience it is more than enough.

Here is a short example:
After logging in with your account (register if you do not have one) search for the course you want attend to.

For the example I choosed “Introduction to Cybersecurity”.

Choose “Enroll now” on the course page:

Scroll down a bit and choose “Audit this course”:

One the next page you can just start the course. A dialog might be shown that you can earn the certificate, you can just ignore that or choose “Explore the course” here:

Enjoy and keep learning!

Review Cybrary Advanced Cyber Threat Intelligence

Since I found that some information was missing from this course
I found a course on cybrary, which is only about 3 hours long and which is free.

So the review will also be a bit shorter. For the content please review:

Module 1 – Threat Intelligence Maturity Model is the intro, with an interesting analysis about maturity levels of organisations related to threat intelligence which I found pretty informative.

Module 2 – Campaigns and Open-Source Threat Intelligence comes with some information about OSINT and visualization, which is also covered a bit broader in the course that I took previously.

Module 3 – Sharing Operational Threat Intelligence is a bit more interesting, since here we start with “Sharing Operational Threat Intelligence”. This comes with some information about Crowdstrike & Alienvault, Yara, TLP, CybOX and STIX, TAXII. Finally some information about Tactical/Operational sharing, which was interesting, because the author seems to know that things like ROI etc. are also important when talking about security programs, the explanation of Analytic Confidence was also useful. The video about “Words of Estimative Probability” will almost certainly be useful in the future.
The tools are not explained in depth or compared to each other which is a pitty. I strongly suggest to have a look at sigma ;).

Module 4 – Strategic Threat Intelligence Analysis is something that was missing from the courses I viewed before. The topics here are:
Cognitive Bias and Logical Errors
Competing Hypothesis Analysis
Human Elements of Attribution
Nation-State Attribution
Strategic Review and Creating an Active Defense

For me the course was interesting and infomative, especially Module 3 & Module 4 brought a new perspective to me. Some of the example could be shown with more length. Further I got some more tools that I might try in future. I give the course 4/5 points.


View at

How to Write Simple but Sound Yara Rules

How to Write Simple but Sound Yara Rules – Part 2

How to Write Simple but Sound Yara Rules – Part 3