The Hack The Box platform provides a wealth of challenges - in the form of virtual machines - simulating real-world security issues and vulnerabilities that are constantly provided and updated by the community. Some of them simulate real-world scenarios, and some lean more towards a CTF style of approach.

Hack The Box innovates by constantly providing fresh and curated hacking challenges into a fully gamified, immersive, and intuitive environment. The platform brings together security researchers, pentesters, infosec professionals, academia, and students, making it the social network for ethical hackers and infosec enthusiasts, counting more than 500k members and growing dynamically.


Boxes & Challenges

The main two categories we will be focusing on are Boxes (also called Machines) and Challenges.

Boxes are instances of vulnerable virtual machines. These are virtualized services, virtualized operating systems, and virtualized hardware that all run on our servers. Boxes can be Easy, Medium, Hard or Insane and can host different Operating Systems; Linux, Windows, FreeBSD, and more.

Challenges are bite-sized applications for different pentesting techniques. These come in three main difficulties, specifically Easy, Medium, and Hard, as per the coloring of their entries on the list. Their scope? To be attacked by you.

Each of these has a certain set of vulnerabilities - most commonly met in real life. Your objective is to recon these Boxes, find out their vulnerabilities, and access two flags: one user flag (lower privilege account on the Box) and one root flag (highest privilege account on the Box).

Once you have these flags, you submit them immediately to the platform. Why immediately? Because there’s a flag rotation mechanism on every Box, meaning that the flags submitted and marked correct are rotated with newer ones with every Box reset.

Points, Badges, First Bloods, and Respect Points will help you climb the Global Rankings of Hack The Box, improve your Hacker Rank, and ultimately testify your skillset in Cyber Security. These can be seen on any public profile by anyone. If you’ve got the skills and the points/tank to show for it, you won’t go unnoticed!

Your only objective here is to grind and learn. In the end, it will be worth it.

Retired Content

Retired content has been retired from our active labs and/or offerings and is no longer available on our free servers. In the case of Boxes, the last few to be retired are still available to free users. We release one new Box every week and also retire one Box at the same time. Retired content does not give Points or Ownership.


Ranks, Points, and Game Elements of Hack The Box

Points

The Points system is straightforward. Each Box, Challenge, Endgame, or Fortress completed will offer you a number of Points that is based on its complexity. This way, harder tasks will earn you more Points, where easy ones will not earn you as many. The Points contribute to your overall position on the global and regional scoreboards.

Points are allocated based on a number of variables, such as user/root owns and challenges completed. Each Box/Challenge displays the number of Points earned upon completion.

Points are calculated using the following Points Formula:

(userOwnPoints + systemOwnPoints + challengeOwnPoints + fortressOwnPoints + endgameOwnPoints + userBloodPoints + systemBloodPoints + challengeBloodPoints) * ownershipPercentage

It's worth noting that while Points are directly correlated to your global ranking, they are not what dictates your Hacker Rank.

Ranks

Sometimes referred to as your Hacker Rank, Ranks are achieved by increasing the total % of Ownership of active Boxes and Challenges. The levels and required % are the following:

  • Noob >= 0%,

  • Script Kiddie > 5%,

  • Hacker > 20%,

  • Pro Hacker > 45%,

  • Elite Hacker > 70%,

  • Guru > 90% and

  • Omniscient = 100%

As you level up, you gain certain perks and features. For example, Fortresses unlock at Hacker, and Endgames unlock at Guru.

The Ownership % Formula can be seen here:

(ActiveSystemOwns + (ActiveUserOwns / 2) + (ActiveChallengeOwns / 10)) / (activeMachines + (activeMachines / 2) + (activeChallenges / 10)) * 100

General Game Elements

Note that only active Boxes/Boxes/etc. offer any Points or Ownership upon completion. These consist of tasks that do not have any available write-up and have been recently made public for everyone to solve.

Once a Box, Challenge, Fortress, or Endgame is retired, the points attributed to any user ever for solving that particular task will turn into 0. This means that every weekend, on retiring day, everyone's Ownership will drop with the number of Points equal to the Point value of the retired content for that week.

This means that users who were about to reach the next rank will have to work a little more until they hit it. This, however, does not mean that anyone loses their rank.

For example, if you've just hit the rank Hacker and have 0 progress towards Pro Hacker, and a Box is retired, you will not be de-ranked back to Script Kiddie. You will keep your 0% progress towards Pro Hacker together with your current Hacker rank.

We've put this system in place to ensure that everyone gets the rank they deserve based on their skills, but if for any reason a user needs to stay inactive for a period of time, they will not lose their rank as they've already proven their skills for that position.

First Blood is a big thing in video games, so we've ported it over to our approach to the gaming paradigm. Once a new Box or Challenge releases, everyone has the chance to get First Blood on it.

This will display their name on the Box or Challenge's dedicated page and also award them more points upon submitting the flags than a normal own would.

It's an excellent reason to level up your hacking skills and prove yourself to the community.

Respect Points can also be awarded to other users. To offer your respect point to a user for creating a Box, Challenge, or just in general for being a really neat person, you can visit their profile and click on the Respect button. You will appear under their profile as a person who offered that user Respect.


Free and VIP account

At Hack The Box, we provide Free and VIP accounts.

Free accounts have access to the 20 weekly Active Boxes, Active Challenges, and our Helpdesk.

VIP accounts have access to the Helpdesk and all available Hack The Box Boxes (both Active and Retired), and they are able to view the official write-ups and videos for each Retired Box.

If you'd like to make a subscription to either VIP, our Pro Labs, or simply just to view the status of your current subscriptions, you can head over to your Dashboard, then to the Subscriptions tab.

Here you can find your current available Hack The Box credit, which you can use to purchase services with, and the status of your Subscriptions for our labs.

If you'd like to find out more about VIP, you can always visit this link or click on the Purchase button next to the VIP Subscription entry on this page.

Both will contain all the information needed for you to make a decision on the VIP pack. Still, we guarantee that you will immediately fall in love with all the new features it unlocks and with how much it can accelerate the learning process for a new user!


The Dashboard

After three years of continuous support from the community and our enterprise customers, we have decided to modernize and refresh our brand identity. The redesign invigorates the brand and optimizes its performance across platforms, online and offline, bringing visual continuity across landscapes and business channels.

Hack The Box aims to make hacking a new gaming paradigm through an intuitive and captivating user experience. A user-centric approach guides all our new product and brand endeavors.

To the left of the Dashboard is the navigation menu. Following a fresh and modern design, here you can find all of the available features we polished up for our community.

The navigation menu will take you back to the main page, where you can see all of your profile stats and progress in our labs.

Labs will contain all of our playable content, ranging from Challenges to Pro Labs and more.

Rankings will display different categories of leaderboards, as you were accustomed to until now.

Careers is our dedicated page where users and companies meet on the middle-ground, where you can find positions or contact recruiters.

Education is the dedicated University page, where you and your colleagues can create a varsity hacking team for the University you study at.

Social is where you can reach other members: through Private Messages, the Shoutbox, your own Team Shoutbox, and the link to the Forum.


On the top, we have implemented a new search-bar functionality along with the usual links to Swag Shop, Feedback, and Support menu.

The search functionality has been developed even further than before, allowing users to search for specific content categories such as Boxes and Challenges by clicking on the Box switch or the Challenge switch.

This also works with Users and Teams by clicking the user: switch or the team: switch.

Clicking your profile image will bring up your Profile Settings, Subscriptions, Classic HTB link, and the Logout option.

Note that the first two are the same as the tabs listed on the Dashboard, right under your profile header.

Switching to the classic HTB view can also be done from the bottom left of the navigation menu.

While looking at the profile header, you can spot the four little icons underneath your username, displaying your Points, Owned Users, Owned Systems, and Respect meters.

If you've checked out the Profile Settings until now, you'll know that you can set a description for your profile. This Description can be seen by any member on their profile or on your own Dashboard by clicking on the horizontal bar between the profile header and the tabs.

This along with the social media links and the option to Share Profile all appear under the same header for you to easily navigate someone's profile for more information about them.

Your profile can also now be visible to the outside if you so choose. To change your Profile Settings to allow public sharing of your Hack The Box profile, you'll need to navigate to the Dashboard, then to Profile Settings, and onto the Notifications & Sharing tab. There, look for the last option, called Public Profile. Make sure it is enabled. You can also find your public profile link to the right of this option.

If your privacy settings allow this, you can share the following link or press the Share Profile button on your Dashboard to send it to someone who doesn't have a Hack The Box account. This will present them with the following profile layout for your account.


Progress Analysis

On the Overview tab, you can see your current progress in the different labs with the option to filter by time period.

Below is your skill breakdown for both Boxes and Challenges. You can click on View More for more detailed information.

Below these, you can also track your progress on our Fortress and Endgame labs. Each separate one will be displayed under their respective category.

Scrolling even further down towards the end of the page, you can find your progress report for our Pro Labs line-up. You can use the navigation arrows to switch between the different Pro Labs.


Badges

With each feat that you accomplish as a community member of Hack The Box, we've made sure to reward you with a congratulatory Badge! Your Badges appear both on your public and your community profile on the platform. They contain a short description of the feat you accomplished to obtain the Badge.

You can think of them as video-game achievements. For all intents and purposes, they prove to the world that you're a dedicated player with a keen eye to detail and an appetite for curiosity!

To view your Badges, one only needs to navigate to your Profile and click on their respective tab. Scrolling down will present the viewer with all the different categories.

Did this answer your question?