A Year in Review (2021-2022)

Dear Community,

Hack The Box just turned 5! Now that we’re older and certainly wiser, we couldn’t be more grateful for the love and support from our amazing community, which has accompanied us since Day 0. Your feedback and active participation are the reasons we are here today, celebrating everything we have achieved.

Building a big and engaged community that shares knowledge and grows together has always been our top priority since the very start. So our excitement was no surprise when we surpassed 1 million members as HTB, back in January. Thank you all for being part of this amazing community. 

Of course, nothing would be possible without the HTB team, which grew as well (we are a team of more than 150 people!), with the addition of some extraordinary talent, in order to always deliver top-notch and relevant content for all of our users.

Some amazing stats from the last year (2021-2022):

[+] HTB Business CTF - July 2021

 

After the success of our first community CTF, we decided to take it one step further by introducing our first Hack The Box Business CTF, sponsored by Synack. Open to all corporate teams worldwide, the players were tested on challenges based on real-world scenarios. 1,619 players in 374 teams participated, trying to solve 24 challenges and 10 machines.

Special kudos to the Xormatic, Synacktiv, Standard Chartered, ING, and Orange Cyberdefense teams climbing up the scoreboard as the top 5 teams. The winning teams were awarded more than $20,000 and the first-ever HTB trophy.

 

 

[+] HTB University CTF - November 2021

 

The HTB University CTF came back for a third edition, sponsored by Check Point Software Technologies. Going beyond our expectations, 594 teams of students joined the qualifying round from all over the world. The event featured 29 exclusive challenges, including Cloud & SCADA content for the first time.

 

By joining the CTF, every player contributed a donation of $5,000 to Khan Academy, in a mission to help every child in the world to have a proper tech education.

 

The University CTF Finals (25th-26th of March 2022) showed us once again the skills of the student teams, with the Hasso-Plattner-Institute team leading the scoreboard, having the University of Warwick and 42Paris right behind on the podium.

 

[+] Cyber Santa CTF - December 2021

 

We wanted to go above and beyond to celebrate the festive period with the community! Our Cyber Santa CTF featured a 5-day beginner-friendly event, with awesome themed challenges and the chance to win prizes every day based on the players’ progress. More than 8,000 hackers joined the competition!

 

But that’s not all: right after the end of the CTF, we organized the first-ever hacking party. Thanks to our fantastic community team, we gathered all the best hackers around to showcase the challenges from the competition and interact with our viewers. You can still watch the entire video on YouTube, featuring STOK, PinkDraconian, John Hammond, NahamSec, 0xdf_, PwnFunction, superhero1, and TJNull.

 

Live Hacking Battlegrounds Tournaments

We said it already, hacking is the new gaming! After launching Hacking Battlegrounds back in 2020 and organizing the first tournaments, we decided to level up the game with quarterly tournaments broadcasted live on Twitch.

 

It was exciting to gather the best HBG and HTB players, and even ICC players from 16 different countries for our December edition! All tournaments are live commentated by IppSec & John Hammond and hosted by our Senior Community Manager r0adrunn3r.

 

You can watch all the tournaments on our YouTube channel:

 

[+] Hacking Battlegrounds tournament #1 sponsored by Synack Red Team - May 2021

[+] Hacking Battlegrounds tournament  #2 sponsored by Snyk - October 2021

[+] Hacking Battlegrounds tournament #3 | “Holiday Mayhem” sponsored by Snyk & supported by PlayCyber - December 2021

[+] Hacking Battlegrounds tournament #4 | “Hacking Will Tears Us Apart” sponsored by Snyk & supported by Raven - February 2022

 

Developing and Measuring Corporate Cyber Readiness

Over the last year, we focused on increasing our solutions for organizations by providing an array of tools and content to proactively close their cybersecurity skills gaps. 

 

[+] Academy For Business - June 2021

 

Top-quality cybersecurity-guided training should be accessible to everyone, including companies and organizations. In June, HTB also introduced Academy for Business to help IT teams to advance their skills with interactive learning material. Combining theoretical and practical methodology, the unlimited online courses of Academy offer teams a unique gamified experience, entirely browser-based. Moreover, the employee progress tracking, the flexible learning experience, and the diverse content offered for every skill level were exactly what a workplace needs to upskill. 

 

[+] Welcome to Enterprise Platform - October 2021

 

Always taking it a step further, in October we launched our Enterprise Platform for the more than 800 businesses, Fortune 500 companies, government agencies and universities who have used Hack The Box to develop their cybersecurity skills. The new dedicated platform gives teams and their managers advanced analytics, reporting and lab management tools across our Dedicated Labs, Professional Labs, Academy for Business, and Talent Search products - all in one place.

 

[+] New Professional Labs: Genesis & Breakpoint - October 2021

 

During the same month, we also launched two brand new Professional Labs scenarios: Genesis and Breakpoint. These labs have been great for those looking to advance their red teaming skills in realistic scenarios. Genesis featured a wide range of OWASP top 10 vulnerabilities and common privilege escalation techniques, as well as real-world security misconfigurations, while Genesis worked as a challenging red team simulation environment to test a player’s newly acquired skills.

 

[+] BlackSky: Our Cloud Hacking Labs - October 2021

 

And here comes the highlight: BlackSky, our Cloud Hacking Labs. With the end goal of understanding cloud hacking vulnerabilities, Hailstorm, Blizzard, and Cyclone featured Amazon Web services (AWS), Microsoft Azure, and Google Cloud Platform environments to familiarize cybersecurity teams with tools and techniques to exploit cloud platform environments. BlackSky became one of the pillars of our business offering since its launch, and we are extremely proud to have seen the first teams progressing through the labs.

 

Partnerships That Matter

[+] Synacktiv Fortress - April 2021

 

It has been a pleasure for us to host the Dojo Fortress, created by Synacktiv. This lab has been an entertaining and unique way to test users’ knowledge and skills, regarding web exploitation, AppSec exploitation techniques, and combined infrastructure hacking. It is also a great way for HTB players, ranked “Hacker” and above, to get directly in touch with Synacktiv and eventually join the team.

 

[+] HTB x Yogosha - June 2021

 

We are delighted to join forces to raise the bar for bug hunting in the security industry. Using Hack The Box's Dedicated Labs, a market-leading attack simulation and training lab environment, Yogosha will accept only the best of the best to their program. In doing so, they’ll further support organizations in collaborating with the most talented hackers to secure any system or application.

 

You can find the company’s profile under the Careers section of the Hack The Box platform, so keep an eye out for new opportunities to join the Yogosha hunter program!

 

[+] HTB Village at H@cktivityCon - September 2021

 

The HTB Village was a great opportunity to showcase our future plan to educate aspiring bug bounty hunters and have some great talks with the community. Hack The Box and HackerOne are both putting community first, and we are sure this will take our collaboration to the next level over time.

 

[+] HTB at RomHack - September 2021

 

We have been contributing to RomHack since the first edition and we are glad to keep providing great content for the CTF! During the 2021 edition, Hack The Box team managed to bring back a delegation to Rome and celebrate the success of the conference with some cool swag and giveaways. See you at the 2022 event!

 

[+] Faraday Fortress - October 2021

 

We are excited to host a new HTB Fortress, created by the Faraday team, which worked as a puzzle for hackers who wanted to put their problem-solving mindset to the test. Players with Hacker rank and above got a server’s alarm that the system had been compromised and their goal was not only to figure out what happened but also to hack the system themselves. 

 

[+] HTB AMAs are back - October 2021

 

In order to connect more with our large community, we successfully brought back our monthly AMAs! It was great to host some of the best contributors to the cybersecurity community worldwide such as John Hammond, 0xdf_, LiveOverflow, InsiderPhd, and more. Make sure to check all the videos recorded on our YouTube channel and not miss the upcoming ones.

 

Our Hacking Playground

[+] Take It Easy - July 2021

 

From the 1st to the 31st of July, we gave all our users a taste of old-but-gold HTB content. A total of 8 beginner-friendly premium machines were available for all our players (without the need of a VIP subscription) for the entire month, giving a great overview of concepts such as Active Directory, WebApps exploitation, and password cracking. We had great participation, with more than 3,500 players completing all machines! If you want to take a look back, the machines are:

 

• Forest [Easy - Windows]
• Active [Easy - Windows]
• OpenAdmin [Easy - Linux]
• Writeup [Easy - Linux]
• Bastion [Easy - Windows]
• Heist [Easy - Windows]
• Shocker [Easy - Linux]
• Traverxec [Easy - Linux]

Up to refresh some basic skills? Take a look.

 

[+] Welcome to the HTB Blog! - July 2021

 

With the launch of our exciting, new HTB Blog back in June, we are now able to provide great educational content in all forms to our users. We have been gathering the best SMEs to write about all-around-cybersecurity: CVEs, tips & tricks to get started with hacking, stories from the community, and much more will come. Our most popular content so far has been what we call “The Beginner’s Bible”, aiming to introduce every single user to hands-on cybersecurity training in 6 simple steps. Take a read and subscribe to our blog to keep receiving great articles!

 

 

[+] Launching our revamped Starting Point - October 2022

 

We celebrated Cybersecurity Awareness Month with the introduction of our new, revamped Starting Point. The new version of Starting Point features very easy and beginner-friendly machines divided into 3 Tiers, combining guided and exploratory learning, for anyone taking their first steps into penetration testing and cybersecurity. As we are aiming to always keep our content relevant, we will be adding 1 new Starting Point machine per month covering basic notions and techniques. 

 

Starting Point is already the most played hacking content on Hack The Box, with more than 55% of our users playing monthly. And the best is yet to come!

 

[+] New Challenge Category: GamePwn aka Game Hacking - March 2022

 

GamePwn is an incredibly interesting field of research that involves static and dynamic analysis, utilizing a wide range of techniques and tooling. Our new challenges provide a safe and legal way for you to hone your skills in this evolving area of game hacking security. Game hacking as with other forms of hacking can be considered a game of cat and mouse, and raising awareness of the tools, techniques, and procedures can strengthen the gaming industry as a whole, instead of relying on security by obscurity.

 

HTB Academy

[+] Student Subscription & CPEs Submission - May 2021

 

Since we launched HTB Academy back in November 2020, we wanted to make it the place where anyone could start learning cybersecurity, no matter the skills or background. That is why we have been so proud to announce the launch of our student subscription and CPEs submission feature, which now make Academy an even more inclusive and impactful platform.

 

By activating a student subscription, Academy users are now able to unlock all modules up to Tier II for only $8/month and easily kickstart their journey into cybersecurity.

 

[+] HTB Academy Job-Role Paths - August 2021

 

Users can now study on HTB Academy the necessary notions to cover a specific cybersecurity role. Our Job-Role Paths consist of a series of guided learning materials with a constant evaluation that prepares students for all the skills needed to cover a specific job role. You can start learning with:

 

• Penetration Tester Job-Role Path
• Bug Bounty Hunter Job-Role Path

 

[+] Introducing HTB Academy Certification - March 2022

 

And finally, here we are! It's the milestone everyone was waiting for. Hack The Box Academy is introducing certifications: we’ve just released the first HTB Academy certification of the many to come! HTB CBBH (Certified Bug Bounty Hunter) is for anyone doing penetration testing, especially web, red teaming, and anyone that develops or reviews web applications.

 

 

The HTB CBBH is only our first step. Academy will be evolving quickly, covering multiple cybersecurity job roles through top-notch learning paths supported by related industry certifications. 2022 will be the year in which HTB Academy will make its way to the community as the official certification vendor, aiming to educate and introduce to the job market the biggest number of aspiring hackers possible.

 

Moving Forward…

5 years have been such a ride! But Hack The Box has never been as ready to achieve great milestones as now. From the community growing and glowing to the continuous improvement in our business offerings, we really cannot wait to make a safer cyber world together. But now… Time to celebrate!

 

For the special occasion of turning 5, we have organized a never-seen-before giveaway for the community: some of you will come to DEFCON with us! Make sure to participate and take a look at our social media for the announcement.

 

The amazing progress we’ve made in the last year has only made us more excited and eager for the next things to come. Thank you for being alongside us. Till next year!

 

Keep Hacking,

- ch4p