Outbound HTB
A HackTheBox active easy Linux machine focused on web enumeration and privilege escalation, protected by Root’s hash encryption to prevent spoilers and ensure only those who complete the machine can fully access its details.
Fluffy HTB
A HackTheBox active easy Linux machine focused on web enumeration and privilege escalation.
Voleur HTB
Voleur A HackTheBox active Medium Windows machine focused on Active Directory enumeration and privilege escalation, protected by NTLM hash encryption to prevent spoilers and ensure only those who complete the machine can fully access its details.
Rustykey HTB
RustyKey A HackTheBox active Hard Windows machine focused on Active Directory enumeration and privilege escalation, protected by NTLM hash encryption to prevent spoilers and ensure only those who complete the machine can fully access its details.
Certificate HTB
A HackTheBox active Hard Windows machine focused on Active Directory enumeration and privilege escalation, protected by NTLM hash encryption to prevent spoilers and ensure only those who complete the machine can fully access its details.
Scepter HTB
A HackTheBox active Hard Windows machine focused on Active Directory enumeration and privilege escalation, protected by NTLM hash encryption to prevent spoilers and ensure only those who complete the machine can fully access its details.
Nocturnal HTB
A HackTheBox active Easy Linux machine focused on web enumeration and privilege escalation, protected by Root's Shadow Hash to prevent spoilers and ensure only those who complete the machine can fully access its details.
Dashboarded HTB Business CTF 2025
In this cloud‑based ICS challenge you enumerate AWS IAM roles, exploit misconfigured S3 buckets to harvest credentials, perform SSRF via the monitoring dashboard, enumerate CloudTrail to locate sensitive logs, and escalate privileges through EC2 instance metadata abuse.
Volnaya Forums HTB Business CTF 2025
A white‑box web CTF where you analyze source code, exploit an IDOR to access /flag.txt, chain broken access control with cross‑site scripting to inject a webhook for exfiltration under CORS restrictions, and abuse a bot‑based report system to execute code as admin.
Active HTB
A Windows AD machine where you gather domain information via BloodHound, perform LDAP query enumeration, crack Kerberoastable SPNs, relay NTLM authentication, and exploit insecure group policies to escalate to DA.
Alert HTB
A Linux machine centered on log monitoring bypass: you exploit LFI in a web‑app to poison logs, leverage sudo misconfigurations, and execute commands as root via crafted syslog entries.
Analytics HTB
An easy Linux machine with a Metabase instance vulnerable to pre-auth RCE (CVE-2023-38646), leveraged to gain a Docker container shell; enumerate environment variables for SSH creds, then exploit the GameOverlay vulnerability for root.
BoardLight HTB
An IoT firmware challenge: extract the device image, reverse‑engineer via binwalk, dump JTAG‑accessible partitions, bypass UART login, and exploit a hardcoded backdoor to gain root on the embedded system.
Broker HTB
A message‑broker machine hosting Apache ActiveMQ vulnerable to unauthenticated RCE; post‑exploit, abuse a sudo misconfiguration to run nginx as root for complete takeover.
Buff HTB
A Gym Management System 1.0 challenge with unauthenticated RCE and a second-stage CloudMe buffer‑overflow exploit to bypass NX/ASLR and spawn a root shell.
Cap HTB
A Linux capture‑server with IDOR-based PCAP retrieval to harvest FTP creds, then abuse file capabilities (cap_setuid) to spawn a root shell via Python.
Cicada HTB
An easy Active Directory DC with SMB, Kerberos, LDAP services; enumerate shares, extract plaintext creds, password‐spray, and abuse SeBackupPrivilege for full compromise.
Codify HTB
A Node.js sandbox (vm2) Escape challenge: chain multiple CVEs in vm2 for RCE, extract a hash from SQLite for SSH, then abuse a sudo‐run backup script to escalate to root.
CozyHosting HTB
A Spring Boot web app with Actuator enabled; steal a session, exploit command injection, extract DB creds from the JAR, crack hashes for SSH, then abuse sudo‑ssh ProxyCommand for root.
Devvortex HTB
A Joomla CMS challenge: leak DB creds via information disclosure (CVE‑2023‑23752), create a webshell for user, then exploit an apport‑cli pager bug for root.
Dog HTB
An easy Linux web challenge: enumerate BackDrop CMS, leak the Git repo via directory scan, extract credentials from settings.php, perform a password spray, and escalate via SeBackupPrivilege.
Editorial HTB
A CMS‑based web machine: you perform blind and error‑based SQL injection to enumerate the database, exploit insecure file uploads to deploy a webshell, and leverage misconfigured plugins to escalate to admin.
EscapeTwo HTB
A sandbox escape box: you exploit escape sequence parsing in a custom script, bypass the chroot jail via symlink abuse, and execute arbitrary commands on the host.
Forest HTB
A Windows AD domain controller where you enumerate users via LDAP, perform ASREPRoast attacks to crack user hashes, exploit Kerberoasting for service account credentials, and abuse DCSync to dump all domain hashes.
GoodGames HTB
A web application challenge featuring SQL injection, JWT token manipulation, and SSRF exploitation to bypass authentication, access admin panels, and execute server-side requests for internal service enumeration.
GreenHorn HTB
A Linux machine featuring web enumeration, directory traversal, file inclusion vulnerabilities, and privilege escalation through cron job manipulation and kernel exploitation techniques.
Headless HTB
A web application challenge involving API enumeration, JWT token forgery, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks for remote code execution.
Heal HTB
A Windows machine featuring web enumeration, SQL injection, file upload vulnerabilities, and privilege escalation through service misconfigurations and token manipulation techniques.
Inject HTB
A Linux machine featuring web enumeration, SQL injection, file inclusion vulnerabilities, and privilege escalation through cron job manipulation and kernel exploitation techniques.
Intentions HTB
A web application challenge involving API enumeration, JWT token manipulation, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks for remote code execution.
Jerry HTB
A Linux box abusing cron‑based symlink vulnerabilities: identify a root cron job, craft a symlink to overwrite /etc/shadow, and escalate to root via passwordless login.
LinkVortex HTB
A CSRF challenge: craft malicious links to steal auth tokens, predict anti‑CSRF tokens, chain session fixation to hijack admin access, and execute privileged actions.
OpenSource HTB
A web application challenge featuring source code analysis, API enumeration, JWT token manipulation, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks.
PermX HTB
A Linux machine featuring web enumeration, file inclusion vulnerabilities, and privilege escalation through cron job manipulation and kernel exploitation techniques.
Pilgrimage HTB
A web application challenge involving image processing vulnerabilities, server-side request forgery (SSRF), and privilege escalation through file upload restrictions bypass and command injection techniques.
Sau HTB
A Linux machine featuring web enumeration, server-side request forgery (SSRF), and privilege escalation through cron job manipulation and kernel exploitation techniques.
Sauna HTB
A Windows AD machine where you enumerate users via LDAP, perform ASREPRoast attacks to crack user hashes, exploit Kerberoasting for service account credentials, and abuse DCSync to dump all domain hashes.
Sea HTB
A web application challenge featuring source code analysis, API enumeration, JWT token manipulation, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks.
Singtless HTB
A Linux machine featuring web enumeration, file inclusion vulnerabilities, and privilege escalation through cron job manipulation and kernel exploitation techniques.
Support HTB
A Windows machine featuring web enumeration, SQL injection, file upload vulnerabilities, and privilege escalation through service misconfigurations and token manipulation techniques.
TimeLapse HTB
A Windows machine featuring web enumeration, SQL injection, file upload vulnerabilities, and privilege escalation through service misconfigurations and token manipulation techniques.
Titanic HTB
A web application challenge involving API enumeration, JWT token manipulation, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks for remote code execution.
Topology HTB
A Linux machine featuring web enumeration, file inclusion vulnerabilities, and privilege escalation through cron job manipulation and kernel exploitation techniques.
TwoMillions HTB
A web application challenge featuring source code analysis, API enumeration, JWT token manipulation, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks.
UnderPass HTB
A Linux machine featuring web enumeration, file inclusion vulnerabilities, and privilege escalation through cron job manipulation and kernel exploitation techniques.
Usage HTB
A web application challenge involving API enumeration, JWT token manipulation, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks for remote code execution.
Wifinetic HTB
A Linux machine featuring web enumeration, file inclusion vulnerabilities, and privilege escalation through cron job manipulation and kernel exploitation techniques.
Chemistary HTB
A web application challenge featuring source code analysis, API enumeration, JWT token manipulation, and server-side request forgery (SSRF) to access internal services and exploit misconfigured webhooks.
Cat HTB
A Linux machine featuring a custom PHP application vulnerable to XSS for cookie hijacking, SQLite SQL injection leading to remote code execution, and privilege escalation via log analysis and exploitation of an XSS flaw in an internally hosted Gitea instance.
Vintage HTB
A Windows machine featuring Active Directory enumeration, certificate services misconfigurations, and privilege escalation through DPAPI abuse and TGT ticket manipulation using Impacket.
Administrator HTB
A Windows machine featuring Active Directory enumeration, certificate services misconfigurations, and privilege escalation through Kerberoasting to retrieve the administrator's ticket.
Certified HTB
A Windows machine featuring Active Directory enumeration, certificate services misconfigurations, and privilege escalation via certificate-based authentication abuse using Certipy to impersonate privileged users.
Instant HTB
A Linux machine featuring mobile app reverse engineering, API endpoint exploitation, and privilege escalation by decrypting session data from Solar-PuTTY.
MonitorsTwo HTB
A Linux machine featuring command injection in a Cacti-based web application, credential-based privilege escalation via MySQL, and Docker container escape to gain root access.
Perfection HTB
A Linux machine featuring Server-Side Template Injection (SSTI) with regex bypass, password hash extraction, and privilege escalation through password cracking to gain root access.
Precious HTB
A Linux machine featuring remote code execution via a Ruby on Rails vulnerability and privilege escalation through insecure third-party dependencies.
Antique HTB
A Linux machine featuring remote code execution via a vulnerable ProFTPD server and privilege escalation through system misconfigurations.
