Getting Started

Getting Started  Fundamental

This module covers the fundamentals of penetration testing and an introduction to Hack The Box.

Created by mrb3n
Co-Authors: 21y4d

To start this course Sign Up!

Summary

This module introduces core penetration testing concepts, getting started with Hack The Box, a step-by-step walkthrough of your first HTB box, problem-solving, and how to be successful in general when beginning in the field. In this module, we will cover:

  • An overview of Information Security
  • Penetration testing distros
  • Common terms and technologies
  • Scanning and enumeration basics
  • Using public exploits
  • Shells, privilege escalation, and transferring files
  • Navigating the HTB platform
  • A step-by-step walkthrough of a retired HTB box
  • Common pitfalls and asking questions effectively
  • Completing a box without a walkthrough
  • Next steps in the field

This module is broken down into sections with accompanying hands-on exercises to practice each of the tactics and techniques we cover. The module ends with a practical hands-on skills assessment to gauge your understanding of the various topic areas.

As you work through the module, you will see example commands and command output for the various topics introduced. It is worth reproducing as many of these examples as possible to reinforce further the concepts introduced in each section. You can do this in the Pwnbox provided in the interactive sections or your virtual machine.

You can start and stop the module at any time and pick up where you left off. There is no time limit or "grading," but you must complete all of the exercises and the skills assessment to receive the maximum number of cubes and have this module marked as complete in any paths you have chosen.

The module is classified as "Fundamental" but assumes a working knowledge of the Linux command line and an understanding of information security fundamentals.

A firm grasp of the following modules can be considered prerequisites for successful completion of this module:

  • Introduction to Networking
  • Linux Fundamentals
  • Introduction to Web Applications
  • Web Requests
  • Learning Process

Sections

  • Infosec Overview
  • Getting Started with a Pentest Distro
  • Staying Organized
  • Connecting Using VPN
  • Common Terms
  • Basic Tools
  • Service Scanning
  • Web Enumeration
  • Public Exploits
  • Types of Shells
  • Privilege Escalation
  • Transferring Files
  • Starting Out
  • Navigating HTB
  • Nibbles - Enumeration
  • Nibbles - Web Footprinting
  • Nibbles - Initial Foothold
  • Nibbles - Privilege Escalation
  • Nibbles - Alternate User Method - Metasploit
  • Common Pitfalls
  • Getting Help
  • Next Steps
  • Knowledge Check

Relevant Paths

This module progresses you towards the following Paths

Card image
Cracking into Hack the Box

Easy 43 Sections

Cubes Required: 30

To be successful in any technical information security role, we must have a broad understanding of specialized tools, tactics, and terminology. This path introduces core concepts necessary for anyone interested in a hands-on technical infosec role. The modules also provide the essential prerequisite knowledge for joining the main Hack The Box platform, progressing through Starting Point through easy-rated retired machines, and solving "live" machines with no walkthrough. It also includes helpful information about staying organized, navigating the HTB platforms, common pitfalls, and selecting a penetration testing distribution. Students will complete their first box during this path with a guided walkthrough and be challenged to complete a box on their own by applying the knowledge learned in the Getting Started module.

 Web Requests

Fundamental 9 Sections

Web applications provide a large potential attack surface and need to be secured properly. A firm grasp of the basics of how applications communicate is critical for anyone interested in learning how to assess and attack web applications.

 JavaScript Deobfuscation

Easy 11 Sections

This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.

 Getting Started

Fundamental 23 Sections

This module covers the fundamentals of penetration testing and an introduction to Hack The Box.

To start this course Sign Up!