Getting Started with HackTheBox in 2025 | Cheatsheet Inside

The Cyber Mentor · Beginner ·🔐 Cybersecurity ·1y ago

Key Takeaways

The video provides a beginner's guide to getting started with HackTheBox, a platform for learning cybersecurity and penetration testing, with tips and techniques for solving Capture The Flag (CTF) challenges and escalating privileges on Linux and Windows systems.

Full Transcript

Hack the Box is notoriously difficult to get into, and even when you're a seasoned player, it does a good job of humbling us from time to time. So, if you're looking to start climbing through the ranks, or maybe you've tried before and it's managed to get the better of you, then today's video is for you. We'll be uncovering how to approach and solve boxes in a methodical way. Break down different ideas so that you spend less time in rabbit holes and more time making progress. And we'll also look at the key skills and tips that will help you progress no matter where you are on your hack the box journey. Now, quickly before we dive in, I've created a beginner's cheat sheet with a checklist for each stage so that when you're attacking boxes, you can do so in a more methodical way. And hopefully this will serve as the foundation for your methodology that you can build on over time. The link is of course in the description below. And if you enjoy the video, then don't forget to like and subscribe and let's dive in. So first up, let's run through a highle methodology and approach before we go deeper into the details of attacking a hack the box machine. We want to enumerate our targets so that we know what services are running and available to us and ideally start to gather information on versions of those services too. Next, we need to test these services one by one and in doing so hopefully we'll gain a foothold against the target or at the very least some information like credentials that we can use against another service. And it's worth noting here that after a while you'll have your own list of what to prioritize. But when you're just starting out, don't worry too much about picking the right one to start with. Just work through all of the services methodically. Once we've got some kind of lowprivilege shell, then we go back to enumeration to understand where we are and what we have available to us. And by continuing to discover more about what privileges we have, what services are running, or what misconfigurations exist, or simply what credentials we can steal from files we have access to. We can look to escalate our privileges. Now, this process sounds fairly straightforward. But of course, the reality is it's a long winding path with traps and rabbit holes all along the way, but the more you do it and the more things you check, uh, the more you will learn and develop an intuition and skills that can be used to solve harder boxes and at a faster rate. Now, briefly before we move on, I also wanted to discuss credentials. So, once you find credentials, you need to be using them everywhere. Password reuse is a common realworld issue and you'll be finding things like a database password that you retrieve via SQL and cracked is the same password for the user account. So maybe we can just simply SSH in in this case or maybe a message on the web app is sent by a user and that password is in there and then you can use that to access FTP or webdav. Whatever the case may be, make sure you keep track of any credentials that you find and try to use them as often as you can until they stick. Now, I wanted to talk to you about the other core skills that are going to pay dividends on almost every box you do and share some resources with you that can help you build these skills and also help you when it comes to putting them into practice. And first up, we have catching shells. You need to be confident in setting up, executing, and troubleshooting payloads that land you with a shell. And also, every time our shell fails, we need to figure out why. Maybe you needed to use a different ports. There's some restrictions on special characters that can't be used in your payload, or you need to quickly migrate it to another process before it dies. Whatever the case is, write it down and keep a troubleshooting shells list. Some of these things you'll intuitively test when you come to other boxes and your shell isn't working. But the number of times that I've seen something before and then not really remembered only to find myself a few hours later being like, "Ah, yeah, it was that thing and it wasn't that difficult." And I have seen it before is frankly inexcusable. So, of course, my notes are a little bit better these days from those hard-earned lessons. But don't be dumb like me. Make the most out of every learning experience. And if you need to learn more about setting up and catching shells, then check out Heath's 15-hour hacking course here on YouTube. It's in the second video around the 2our 30 mark. So, next we have transferring files. And there are a bunch of different ways to do this. And on the surface, it's like, ah, yeah, I just do this technique and it's all good. But then sometimes you find a box and it takes you either a couple of hours to transfer a file or you just do what I do and give up and start to do janky things like writing out scripts in the terminal and then saving them to the file system instead of figuring out the right way of transferring files in that situation. So don't sleep on this technique. Check out a few different options, test them and add them to your notes. And a good resource for getting started here is the blog post on hacking articles.in. And there is a lot of other good content on there as well. Set a new standard in your professional journey with TCM security certifications and dive deep into advanced cyber security tactics with our comprehensive courses. Our challenging exams are designed to test your skills to the fullest, preparing you for realworld cyber security roles. Explore certifications.tcm-sack.com and redefine your professional potential. Finally, we have understanding windpiece and lip piece output, which at first can be quite intimidating, but I promise you it does get better over time as you learn more about your target systems. Now, what I'd say is that when you just start out, instead of just running the script and reading something that's pretty much entirely incomprehensible, learn to use them so that you can do individual checks, read the output, and then cross reference that with your notes or with a resource on that particular priv. This is kind of annoying to start with because all you want to do is run it and hope to see something that's highlighted in yellow or orange that gives you the path straight away. But doing it this way, the slightly longer way is going to help you learn and eventually you'll be really good at provesque instead of being really good at finding highlighted text in a long script. And some good resources for learning proves are the proves arenas on try hackme. Now let's take a look at some kind of road map to help you get started and stay on track. Here are the boxes that I think are perfect for beginners. And the approach that I think you should take looks like this. For the first five boxes, simply follow a walkthrough. IPSC, I think, is your best bet here, but if you prefer reading over watching, then Zerox XDF is also a great option. For boxes 5 to 20, set yourself a 45minute timer. And if you're stuck at the end of the 45 minutes, take a peek at a hint or the walkthrough, and then continue. Now, this is a really important step to get out of the way because you're building a foundation of knowledge and you'll get stuck on things because of a technique or a quirk that you didn't even know existed. So, balancing working out a box and thinking and putting your skills to use along with the support of walkthroughs when you're stuck is by far the best way to learn quickly. For me, when I was doing a lot of hack the box, I'd do 2 hours before work every day. And this is the same approach I took for exams as well. I'd arrive early at the office, sit in a meeting room, and basically fill that 2 hours with a single box. So, when I was stuck, I would look at writeups, follow it to get back on track, and then update my notes and make sure I had finished up by 9:00 a.m., which is when I headed back to my desk and my workday began. Now, if I recall correctly, I solved maybe 60 or 70 boxes like this. And obviously, over time, I used the writeups less frequently. And in just a few months, I'd acrewed a lot of knowledge and really improved my methodology. Now, it's also worth mentioning that there are other approaches like following guided boxes and also the hack the box academy. Generally, what I recommend is that you try these approaches and if you enjoy them or get value from them, then keep doing that. The reason that I take more of a self-study approach is that I think learning in context is important. Otherwise, I just forget things. and also with my approach. For me, it's a good balance between difficulty, problem solving, learning, and also time and efficiency. Finally, I wanted to finish up with some tips, advice, tricks, insights, whatever you want to call it, but essentially things that I wish I'd known sooner or things that I'd focused on that would have helped me speed up my learning process. Now, first up, we have exploit DB or search exploit, which is the command line tool for it. can be a good place to find exploits for your target. But many of these simply don't run due to syntax errors or they're a specific proof of concept for a different target. And that means generally I actually prefer finding exploits on GitHub that have been cleaned up, expanded, and tested. And often these are tweaked so they work against targets like those on Hack the Box. Now, you could consider that going through the process of testing and fixing junky PC's is a good learning experience, and it is. But let's leave making our lives harder for later on once we have a more solid methodology and intuition. That means we're more confident in a particular exploit being the path. Dealer's choice on this one, but honestly, don't make your life harder than it needs to be, unless there's a real return on your time investments. Now, we've talked about the next one a little bit earlier, and that is using writeups effectively. So, at the start, I think you should just follow a bunch of them, but once you're feeling a little bit more confident, maybe use them as a supplement. And when you're stuck, so that you can balance testing and sharpening your skills with learning new things. Moving on, I actually think that intuition is a big part of solving CTFs. So, when you play a lot of Hack the Box, you'll start to see patterns on the types of paths and exploits. And I just want you to keep in mind that yes, occasionally an easy box will have something really obscure or wild or difficult and hard, but generally speaking, most of the easy boxes are CVS and misconfigurations. So, think about this when you're considering a path forward. If it seems impossibly hard or really obscure, then there's probably an easier way, maybe with some credentials you found earlier in the process. And that leads us on to the next point. Don't forget about things that you've found. And make sure to test credentials in every possible place. And finally, the more you learn about Linux and Windows, the more success you will have in the long run because you'll understand why things work when they do or don't. And this isn't going to happen overnight, though. And probably it'll be at least a few months until you have your first aha moment when you connect some understanding of the underlying system with an attack you're trying to pull off. And because of that, you get it to work. These are the best moments you can have. So enjoy them and thank yourself for all of the hard work that you've put in to get to that point. Now, if you want to learn things like how to escalate privileges, then we do have some videos like this one here that are definitely worth checking out. And if you want more videos like this one, then let me know down in the comments below. I do read all of the comments and we always appreciate your thoughts. Catch you next time.

Original Description

https://www.tcm.rocks/acad-y - Take web hacking courses in the TCM Security Academy! We offer several, ranging from beginner-friendly to intermediate. HackTheBox tends to humble all of us, but it's notoriously hard to break through as a newbie. Well today, we're here to help (specifically, Alex is). Get a crash course into how you can set yourself up for success as you get started with HTB. Learn how to approach and solve boxes methodically, avoid rabbit holes, and actually make steady progress. Plus, discover the key skills and tips to take you from HackTheBox zero to hero in no time. Like this video? Subscribe to see more from the TCMS team! Alex's cheatsheet: https://www.notion.so/HackTheBox-Beginner-Cheat-Sheet-1f4463c9990c80f58aa0f00dfbff0b16?pvs=4 Shell resource (from Ethical Hacking YouTube course): https://youtu.be/sH4JCwjybGs?si=RnJO1fpQi6CC-ZPG&t=8887 #hackthebox #htb #cybersecurity #hacking #bugbounty Sponsor a Video: https://www.tcm.rocks/Sponsors Pentests & Security Consulting: https://tcm-sec.com Get Trained: https://academy.tcm-sec.com Get Certified: https://certifications.tcm-sec.com Merch: https://merch.tcm-sec.com 📱Social Media📱 ___________________________________________ X: https://x.com/TCMSecurity Twitch: https://www.twitch.tv/thecybermentor Instagram: https://www.instagram.com/tcmsecurity/ LinkedIn: https://www.linkedin.com/company/tcm-security-inc/ TikTok: https://www.tiktok.com/@tcmsecurity Discord: https://discord.gg/tcm Facebook: https://www.facebook.com/tcmsecure Timestamps: 00:00 Intro 00:36 Cheatsheet 00:58 Methodology 02:58 Key skills 06:21 Roadmap 08:22 Tips and tricks 08:36 Exploit db alternatives 09:31 Using writeups 09:50 Keep it simple 10:20 Test creds everywhere 10:32 Learn Linux and windows 11:06 Outro 💸Donate💸 ___________________________________________ Like the channel? Please consider supporting me on Patreon: https://www.patreon.com/thecybermentor Support the stream (one-time): https://streamlabs.com/thecy
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from The Cyber Mentor · The Cyber Mentor · 0 of 60

← Previous Next →
1 Buffer Overflows Made Easy - Part 1: Introduction
Buffer Overflows Made Easy - Part 1: Introduction
The Cyber Mentor
2 Buffer Overflows Made Easy - Part 2: Spiking
Buffer Overflows Made Easy - Part 2: Spiking
The Cyber Mentor
3 Buffer Overflows Made Easy - Part 3: Fuzzing
Buffer Overflows Made Easy - Part 3: Fuzzing
The Cyber Mentor
4 Buffer Overflows Made Easy - Part 4: Finding the Offset
Buffer Overflows Made Easy - Part 4: Finding the Offset
The Cyber Mentor
5 Buffer Overflows Made Easy - Part 5: Overwriting the EIP
Buffer Overflows Made Easy - Part 5: Overwriting the EIP
The Cyber Mentor
6 Buffer Overflows Made Easy - Part 6: Finding Bad Characters
Buffer Overflows Made Easy - Part 6: Finding Bad Characters
The Cyber Mentor
7 Buffer Overflows Made Easy - Part 7: Finding the Right Module
Buffer Overflows Made Easy - Part 7: Finding the Right Module
The Cyber Mentor
8 Buffer Overflows Made Easy - Part 8: Generating Shellcode and Gaining Shells
Buffer Overflows Made Easy - Part 8: Generating Shellcode and Gaining Shells
The Cyber Mentor
9 HackTheBox - Sunday Walkthrough (Re-Up)
HackTheBox - Sunday Walkthrough (Re-Up)
The Cyber Mentor
10 Networking for Ethical Hackers - TCP, UDP, and the Three-Way Handshake (Re-Up)
Networking for Ethical Hackers - TCP, UDP, and the Three-Way Handshake (Re-Up)
The Cyber Mentor
11 Networking for Ethical Hackers - Network Subnetting (Re-Up)
Networking for Ethical Hackers - Network Subnetting (Re-Up)
The Cyber Mentor
12 Networking for Ethical Hackers - Network Subnetting Part 2: The Challenge (Re-Up)
Networking for Ethical Hackers - Network Subnetting Part 2: The Challenge (Re-Up)
The Cyber Mentor
13 Networking for Ethical Hackers - Building A Basic Network with Cisco Packet Tracer (Re-Up)
Networking for Ethical Hackers - Building A Basic Network with Cisco Packet Tracer (Re-Up)
The Cyber Mentor
14 HackTheBox - Fighter Walkthrough (Re-Up)
HackTheBox - Fighter Walkthrough (Re-Up)
The Cyber Mentor
15 Beginner Linux for Ethical Hackers - Navigating the File System
Beginner Linux for Ethical Hackers - Navigating the File System
The Cyber Mentor
16 Beginner Linux for Ethical Hackers - Users and Privileges
Beginner Linux for Ethical Hackers - Users and Privileges
The Cyber Mentor
17 Beginner Linux for Ethical Hackers - Common Network Commands
Beginner Linux for Ethical Hackers - Common Network Commands
The Cyber Mentor
18 Beginner Linux for Ethical Hackers - Viewing, Creating, and Editing Files
Beginner Linux for Ethical Hackers - Viewing, Creating, and Editing Files
The Cyber Mentor
19 Beginner Linux for Ethical Hackers - Controlling Kali Services
Beginner Linux for Ethical Hackers - Controlling Kali Services
The Cyber Mentor
20 Beginner Linux for Ethical Hackers - Scripting with Bash
Beginner Linux for Ethical Hackers - Scripting with Bash
The Cyber Mentor
21 Beginner Linux for Ethical Hackers - Installing and Updating Tools
Beginner Linux for Ethical Hackers - Installing and Updating Tools
The Cyber Mentor
22 Cracking Linux Password Hashes with Hashcat
Cracking Linux Password Hashes with Hashcat
The Cyber Mentor
23 Reminder: Twitch Hacking Live Stream Tonight! 2/26/19 at 8PM EST
Reminder: Twitch Hacking Live Stream Tonight! 2/26/19 at 8PM EST
The Cyber Mentor
24 Hacking Live Stream: Episode 1 - Kioptrix Level 1, HackTheBox Jerry, and Career Q&A / AMA
Hacking Live Stream: Episode 1 - Kioptrix Level 1, HackTheBox Jerry, and Career Q&A / AMA
The Cyber Mentor
25 Hacking Live Stream: Episode 2 - HackTheBox Active, Vulnserver Buffer Overflow, and Career Q&A / AMA
Hacking Live Stream: Episode 2 - HackTheBox Active, Vulnserver Buffer Overflow, and Career Q&A / AMA
The Cyber Mentor
26 Hacking Live Stream: Episode 3 - Hack The Box Blue, Devel, and Career Q&A / AMA
Hacking Live Stream: Episode 3 - Hack The Box Blue, Devel, and Career Q&A / AMA
The Cyber Mentor
27 New Zero to Hero Pentest Course, New Website, and 2K Subs?!
New Zero to Hero Pentest Course, New Website, and 2K Subs?!
The Cyber Mentor
28 Zero to Hero Pentesting: Episode 1 - Course Introduction, Notekeeping, Introductory Linux, and AMA
Zero to Hero Pentesting: Episode 1 - Course Introduction, Notekeeping, Introductory Linux, and AMA
The Cyber Mentor
29 Zero to Hero Pentesting: Episode 2 - Python 101
Zero to Hero Pentesting: Episode 2 - Python 101
The Cyber Mentor
30 Zero to Hero Pentesting: Episode 3 - Python 102, Building a Terrible Port Scanner, and a Giveaway
Zero to Hero Pentesting: Episode 3 - Python 102, Building a Terrible Port Scanner, and a Giveaway
The Cyber Mentor
31 Zero to Hero Pentesting: Episode 4 - Five Phases of Hacking + Passive OSINT
Zero to Hero Pentesting: Episode 4 - Five Phases of Hacking + Passive OSINT
The Cyber Mentor
32 Zero to Hero Pentesting: Episode 5 - Scanning Tools (Nmap, Nessus, BurpSuite, etc.) & Tactics
Zero to Hero Pentesting: Episode 5 - Scanning Tools (Nmap, Nessus, BurpSuite, etc.) & Tactics
The Cyber Mentor
33 Zero to Hero Pentesting: Episode 6 - Enumeration (Kioptrix & Hack The Box)
Zero to Hero Pentesting: Episode 6 - Enumeration (Kioptrix & Hack The Box)
The Cyber Mentor
34 Zero to Hero Pentesting: Episode 7 - Exploitation, Shells, and Some Credential Stuffing
Zero to Hero Pentesting: Episode 7 - Exploitation, Shells, and Some Credential Stuffing
The Cyber Mentor
35 Installing Windows Server 2016 on VMWare in 5 Minutes
Installing Windows Server 2016 on VMWare in 5 Minutes
The Cyber Mentor
36 Zero to Hero: Week 8 - Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
Zero to Hero: Week 8 - Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
The Cyber Mentor
37 A Day in the Life of an Ethical Hacker / Penetration Tester
A Day in the Life of an Ethical Hacker / Penetration Tester
The Cyber Mentor
38 Active Directory Exploitation - LLMNR/NBT-NS Poisoning
Active Directory Exploitation - LLMNR/NBT-NS Poisoning
The Cyber Mentor
39 Zero to Hero: Week 9 - NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
Zero to Hero: Week 9 - NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
The Cyber Mentor
40 Zero to Hero: Episode 10 - MS17-010/EternalBlue, GPP/cPasswords, and Kerberoasting
Zero to Hero: Episode 10 - MS17-010/EternalBlue, GPP/cPasswords, and Kerberoasting
The Cyber Mentor
41 Writing a Pentest Report
Writing a Pentest Report
The Cyber Mentor
42 Zero to Hero: Week 11 - File Transfers, Pivoting, and Reporting Writing
Zero to Hero: Week 11 - File Transfers, Pivoting, and Reporting Writing
The Cyber Mentor
43 The Complete Linux for Ethical Hackers Course for 2019
The Complete Linux for Ethical Hackers Course for 2019
The Cyber Mentor
44 Full Ethical Hacking Course - Beginner Network Penetration Testing (2019)
Full Ethical Hacking Course - Beginner Network Penetration Testing (2019)
The Cyber Mentor
45 Popping a Shell with SMB Relay and Empire
Popping a Shell with SMB Relay and Empire
The Cyber Mentor
46 Pentesting for n00bs: Episode 1 - Legacy (hackthebox)
Pentesting for n00bs: Episode 1 - Legacy (hackthebox)
The Cyber Mentor
47 Pentesting for n00bs: Episode 2 - Lame
Pentesting for n00bs: Episode 2 - Lame
The Cyber Mentor
48 Pentesting for n00bs: Episode 3 - Blue
Pentesting for n00bs: Episode 3 - Blue
The Cyber Mentor
49 Web App Testing: Episode 1 - Enumeration
Web App Testing: Episode 1 - Enumeration
The Cyber Mentor
50 Pentesting for n00bs: Episode 4 - Devel
Pentesting for n00bs: Episode 4 - Devel
The Cyber Mentor
51 Pentesting for n00bs: Episode 5 - Jerry
Pentesting for n00bs: Episode 5 - Jerry
The Cyber Mentor
52 Web App Testing: Episode 2 - Enumeration, XSS, and UI Bypassing
Web App Testing: Episode 2 - Enumeration, XSS, and UI Bypassing
The Cyber Mentor
53 Pentesting for n00bs: Episode 6 - Nibbles
Pentesting for n00bs: Episode 6 - Nibbles
The Cyber Mentor
54 Web App Testing: Episode 3 - XSS, SQL Injection, and Broken Access Control
Web App Testing: Episode 3 - XSS, SQL Injection, and Broken Access Control
The Cyber Mentor
55 How NOT to Approach a Cybersecurity Mentor
How NOT to Approach a Cybersecurity Mentor
The Cyber Mentor
56 Web App Testing: Episode 4 - XXE, Input Validation, Broken Access Control, and More XSS
Web App Testing: Episode 4 - XXE, Input Validation, Broken Access Control, and More XSS
The Cyber Mentor
57 Pentesting for n00bs: Episode 7 - Optimum (hackthebox)
Pentesting for n00bs: Episode 7 - Optimum (hackthebox)
The Cyber Mentor
58 Pentesting for n00bs: Episode 8 - Bashed (hackthebox)
Pentesting for n00bs: Episode 8 - Bashed (hackthebox)
The Cyber Mentor
59 Pentesting for n00bs: Episode 9 - Grandpa
Pentesting for n00bs: Episode 9 - Grandpa
The Cyber Mentor
60 Top 5 Internal Pentesting Methods
Top 5 Internal Pentesting Methods
The Cyber Mentor

This video provides a comprehensive guide for beginners to get started with HackTheBox, including tips and techniques for solving CTF challenges and escalating privileges on Linux and Windows systems. The video covers essential concepts such as cybersecurity basics, file transfer techniques, and CTF solving, and provides practical steps for learning and improving skills. By following the steps outlined in the video, viewers can improve their cybersecurity skills and become more proficient in sol

Key Takeaways
  1. Write down troubleshooting shells list
  2. Test different file transfer techniques
  3. Use provesque to read output and cross reference with notes or resources
  4. Follow a walkthrough for the first five boxes
  5. Set a 45-minute timer for boxes 5 to 20
  6. Use writeups to learn new things and balance testing and sharpening skills
  7. Test credentials in every possible place
  8. Learn about Linux and Windows to increase success in the long run
💡 The key to success in HackTheBox is to balance testing and sharpening skills, and to use writeups and other resources to learn new things and improve intuition.

Related Reads

📰
Active Directory Enumeration & Password Spraying: A Hands-On Guide
Learn hands-on techniques for Active Directory enumeration and password spraying to enhance your internal penetration testing skills in Microsoft Windows environments
Medium · Cybersecurity
📰
The Quantum Internet Explained: How the Next Generation of Communication Could Be Unhackable
Learn how the quantum internet can revolutionize cybersecurity with unhackable communication, and why it matters for the future of data transfer
Medium · Cybersecurity
📰
Zero Trust Starts Before Login: Lessons From Cloud Security
Learn how Zero Trust security starts before login and its importance in cloud security
Medium · DevOps
📰
Zero Trust Starts Before Login: Lessons From Cloud Security
Learn how Zero Trust security starts before login and why continuous verification is crucial for cloud security
Medium · Cybersecurity

Chapters (12)

Intro
0:36 Cheatsheet
0:58 Methodology
2:58 Key skills
6:21 Roadmap
8:22 Tips and tricks
8:36 Exploit db alternatives
9:31 Using writeups
9:50 Keep it simple
10:20 Test creds everywhere
10:32 Learn Linux and windows
11:06 Outro
Up next
What is reCAPTCHA v3 Explained with Examples
VLR Software Training
Watch →