Red Teaming
KimCrawley,
Sep 24
2021
Hack The Box offers the most flexible and effective gamified cyber offensive training platform for your employees. Our Dedicated Labs feature virtualized machines and our Professional Labs are virtualized networks. They’re designed and configured to work just like the networks, endpoints, and servers businesses use. And they’re a great way for your red teamers and pentesters to try the advanced cyber exploitation techniques cybercriminals may use in your corporate network. Knowing how to “think outside of the box” and think like a cyber attacker is a powerful way to improve the security of your network. You can learn how to deploy more effective security controls so your business isn’t hit by data breaches, ransomware, spyware, and Denial of Service. The cyber threat landscape is constantly evolving, and multimillion dollar incidents are becoming alarmingly common in a wide variety of industries.
So that’s why more and more businesses are choosing Hack The Box to help train their cybersecurity teams.
In order to get the most benefit from our Labs, it helps to understand its features and how you can customize how you use our Labs for your company’s specific needs. So let’s get into it!
Our Hack The Box For Business platform gives your company the power to manage each employee under "Manage User", and then organize them into teams under "Manage Teams".
We have two types of Labs for business cybersecurity training, Dedicated Labs and Professional Labs.
Our Dedicated Labs feature over 255 machines, some of which are active and others are retired. All of them resemble Windows and Linux machines that have applications that are used by businesses in the real world. These machines can be exploited with the sort of techniques that are used in Capture The Flag games. Our Dedicated Labs can also include Advanced and Enterprise Tiers with up to fifty machines that are tailored to more real-world attack vectors and exploits (less CTF style boxes). Two new machines are added to the exclusive pool every month.
Our Dedicated Labs encourage businesses can encourage their pentesters, red teams, and other cybersecurity professionals to exploit machines that are similar to the computers they use in real life. It’s a great way to learn how to defend your company’s computers from real life cyber attacks! Each business that works with us can easily track their employees’ progress in detail as they hack our Dedicated Labs.
Targeted Training: For example, an employee wants to practice on a Windows machine that runs a web application and has a XSS vulnerability.
Collaboration: An organization has a regular Hack The Box training session every Friday afternoon. At the start of the week, the administrator tells the team which box they’ll be working on in Friday’s session. The users attempt to gain user and root flags before to Friday’s session. During the session, they share knowledge from their experiences and some colleagues may do a walkthrough of the machine to their colleagues. They benefit from the skills and expertise of the wider team, and share knowledge as a result.
Recruitment: Some organizations may use Dedicated Labs to conduct a technical screening exercise as part of their recruitment process. For example, by using one of the exclusive machines (without online write-ups). They ask a candidate to obtain user or root on a machine and write-up a slide with an Executive Summary, Key Findings and Remediation recommendations. They can discuss this face to face in their interview.
Our Professional Labs simulate enterprise networks with applications, services, and configurations that are used in the real world. Cybersecurity practitioners can engage in scenarios which replicate real world cyber attacks. Each scenario has a storyline, and different skill levels which can demonstrate how competent your team members are.
Our customers are finding a variety of ways to make use of their Professional Labs in order to both upskill their team individually and collaboratively via the immersive nature of the simulated penetration test and red team engagement scenarios.
Simulated Penetration Test and Red Team Engagement: Working either individually or in small teams, a target end date is set for completion of the scenario. Participants treat the scenario as they would any routine engagement. At the end of the engagement, a report or briefing is produced by the participants. They include an executive summary, key findings and recommendations. Some customers have also appointed a team member to role play a client or internal stakeholder for a fictitious scenario. A facilitator who is familiar with the scenario and write-up should also be appointed, and be available if participants need additional support.
Workshops: Appointed facilitators digest the write-up for the scenario and lead sessions every week or two, either in person or online. Specific hosts within the environment are worked on collaboratively. Facilitators use the write-ups in order to provide hints to fellow team members when needed, and spend time explaining technical concepts in greater detail. Zoom is effective for running these sessions remotely as it is possible to ask team members to jump into private rooms so that concepts can be explained or worked through in more detail. After reaching designated checkpoints within the Lab, defined by the facilitator, the team can talk through different approaches and challenges together.
Assignments: Appointed facilitators will digest the write-up for the scenario and set assignments for the team to complete each week or two. The facilitators will then hold a session for the team where they will walk through the correct approach, and the team can discuss their experiences together.
Informal Collaboration: The team are assigned a scenario, and use a dedicated channel within an instant messaging application to collaborate. They set a target end date to complete the scenario, and are assigned a designated facilitator to approach for support if they encounter difficulty. However, they are encouraged to solve problems together as the preferred method. At the end of the scenario, the facilitator conducts a walkthrough using the write-up and the team discuss their approach and respective challenges together.
Mentorship: Scenario players are paired with mentors from the wider team who have access to the write-up. Mentees play the scenario just like they would conduct a routine penetration test or red team engagement, reaching out to their mentor if they need support. At the end of the scenario, the mentor and mentee have a wash-up session. That’s where the mentee presents their findings and recommendations with the mentor, and agree on areas for further professional development.
Testing Tools and Techniques: Businesses are using their Professional Labs as a way to test techniques and tools in a safe environment, before deploying onto live engagements. This is particularly useful for organizations that employ strict risk management procedures alongside their penetration testing and red team engagements.
Progression Paths: Teams can use access to Professional Labs to rotate through all five scenarios progressively (perhaps four per year), in order to build their competence and develop as a tester. Organizations can use this pathway as an aid to professional development plans by setting targets for employees to meet. For example, meet Pentester Level 2 by the end of the year. This also assures businesses that their team members meet a certain level of competence, which could be used as a way to certify staff as ready for particular engagements or projects.
Here’s an overview of our Professional Labs.
Scenario |
Level |
Key Competencies |
Dante |
Pentester Level 1 |
Enumeration |
Offshore |
Pentester Level 2 |
Enumeration |
RastaLabs |
Red Team Operator Level 1 |
OSINT and Phishing |
Cybernetics |
Red Team Operator Level 2 |
Web application attacks |
APTLabs |
Red Team Operator Level 3 |
Active Directory Enumeration and Exploitation |
Hack The Box offers Dedicated Labs, Professional Labs, and HTB Academy for Business as innovative and fully interactive ways to train your employees for today’s and tomorrow’s cyber threats. Learn more on our website. Feel free to get in touch with us if you want to explore how we can work with your company.