How to play Pro Labs

Last updated by 0ne-nine9 (admin)

Updated at March 19th, 2021

Hack The Box offers members that have gained enough experience in the penetration testing field a number of life-like scenarios called Pro Labs.

These consist of enclosed corporate networks of Machines using different operating systems, different security configurations, different vulnerabilities and exploitation paths, while simulating a real corporate environment. Users looking into levelling up their security assessment skills should look no further.

Currently our line-up stands as follows:

  • Dante is a modern, yet beginner-friendly Pro Lab that provides the opportunity to learn common penetration testing methodologies, and gain familiarity with tools included in the Parrot OS Linux distribution. You will level up your skills in information gathering and situational awareness, be able to exploit Windows and Linux buffer overflows, gain familiarity with the Metasploit Framework, and much else!

  • Offshore is an Active Directory lab which simulates the look and feel of a real-world corporate network. It was designed to appeal to a wide variety of users, everyone from junior-level penetration testers to seasoned testers as well as infosec hobbyists.

  • RastaLabs is a virtual Red Team simulation environment, designed to be attacked as a means of learning and honing your engagement skills. The lab features a combination of attacking misconfigurations and simulated users. 

  • Cybernetics is a Windows Active Directory lab environment fully-upgraded and greatly hardened against attacks. For experienced penetration testers and Red Teamers, this lab will offer an amazing challenge to reach Domain Admin.

  • APTLabs simulates a targeted attack by an external threat agent against an MSP (Managed Service Provider). The lab requires prerequisite knowledge of attacking Active Directory networks. APTLabs consists of fully patched servers, prevalent enterprise technologies, a simulated WAN network, and much more!

Picking your Pro Lab

Have you decided on which Pro Lab to tackle? Head on over to your Dashboard, scroll down to where your activity within the labs is listed, and click on the View Pro Lab button under the entry you'd lab you'd like to enrol in. Alternatively, you can use the menu on the left-hand side of the page.

You will be taken to the Pro Lab's page. On this page, you can proceed with purchasing your first subscription, monthly or annually recurring.

You will be taken to the purchase confirmation page, where you can click the Subscribe button to be redirected to our Recurly payment page.

Over here is where you can paste any gift card codes or coupon codes you might have received. Paste them in the appropriate field and click on the arrow next to it to apply. Please make sure to confirm for which recurring type the voucher or gift card has been generated for you as you will need to select the correct type on the platform before being able to apply it.

Connecting to the Pro Lab

Once your purchase is complete, you should be automatically redirected to the subscription confirmation page. This will show a loading animation as we cross-check our backend services to verify the payment and your subscription status.

After the verification is complete, you will be met with the confirmation screen. From here, you can either return to the Hack The Box main page by accessing the Continue to Hack The Box button, or click on the Download Connection Pack link to be redirected to the Access page, where you can download your Pro Lab openVPN pack.

On the Access page you will be met with a new entry, the name of which depending on the Pro Lab you've subscribed to. From here, you can also Switch between the US and EU labs whenever you need to.

Scrolling down to the Lab Access Details table, you can see specifics of the connection you will establish. Clicking the Regenerate button will refresh your configuration file and prompt a download for the new one. Clicking the Connection Pack button will simply download the current one straight away, without attempting to regenerate it.

Once downloaded, you can proceed with connecting to the lab the same way you'd connect to the main Machines lab. For more detailed information on this process please visit this link and scroll down to the Booting up OpenVPN section.

Entry Point

Some Pro Labs mention the entry point you'll need to attack to gain the initial foothold into the system, some don't. You'll need to check this information on the Pro Lab's dedicated page.

For example, the Description of Dante contains the IP subnet which needs to be scanned to gain your initial targets.

Your best bet, in any given case, is to scan the network. If you're unsure of the subnet that requires scanning, type in the route command after you've deployed your openVPN connection and it should contain the subnet given for the tunnel interface.

Description and Rules

As mentioned before, the lab Description contains a variety of useful information about where to start, who the lab is intended for and what completing the lab can teach you. You can find this section on the lab's dedicated page right under the stats, on the left side.

The Rules section is accessible through the tab next to the Description. These are a mandatory read for anyone doing their first Pro Lab or are not yet acquainted with the Hack The Box Terms of Service. Reading the rules will prevent mistakes that could get you in trouble.


The Progress list will show you the available flags in nicknamed fashion. Each flag's nickname will provide you with a small hint about that specific flag. Don't look too deep into the meaning of it until you get there, or you risk getting lost in semantics.


The Machines list simply displays the available hosts in the lab's network. You will be able to reach out to and attack each one of these Machines. During the vulnerability assessment, each one can be identified by its hostname mentioned on this list, therefore allowing you to tick them off upon completion on each of the OS's mentioned here along with their hosts.

Redeployment / Resetting the Lab

Something is bound to crash at some point. Don't worry about it! You can issue a Lab Redeployment request through the same page. Make sure to fill in the text box provided with a good explanation of what is going wrong.

We'd rather not redeploy upon requests like these:

But we will definitely redeploy upon requests like these:

Flag Submission

When you find a Flag, you can submit it directly on the same page. The Flag Submission field is down at the bottom, next to the redeployment request box.

Cancelling the Pro Lab subscription

In order to cancel your recurring Pro Lab subscription, you need to visit the Pro Lab's dedicated page. Head on over to your Dashboard, scroll down to where your activity within the labs is listed, and click on the View Pro Lab button under the entry you'd lab you'd like to enrol in. Alternatively, you can use the menu on the left-hand side of the page.

While on the Pro Lab page, you can click on the Cancel Subscription button to start the cancellation process. 

Note that the remaining time on your current subscription will continue being valid for you to use. It's only after this time has expired (either at the end of the month or at the end of the year, depending on which recurring subscription type you have) that the recurring payment will stop and you will need to manually resubscribe at a later time if you'd like to use the lab again.

Keep in mind that upon unsubscribing, all of your personal data and interactions regarding this lab will be deleted from our records and you will be required to submit the One Time Setup fee once more if you ever want to resubscribe to the Pro Lab.

Was this article helpful?

Can't find what you're looking for? Please contact our

Customer Support team