
HackTheBox for Beginners: Getting Started Guide

Real-world hacking challenges to build your offensive security skills.

HackTheBox (HTB) is an online cybersecurity training platform with vulnerable virtual machines that teach penetration testing skills. Unlike guided platforms, HTB drops you into a realistic environment and expects you to figure things out — mimicking what professional pentesters do daily.

The platform offers two modes. HackTheBox Labs present vulnerable machines (“boxes”) to enumerate, exploit, and escalate privileges on. HTB Academy provides structured modules with hands-on exercises, covering basic Linux enumeration through advanced Active Directory attacks.

HTB maintains active machines (rotated weekly, no walkthroughs) and retired machines (VIP-only, with writeups). Active machines force independent methodology; retired machines let you learn from official solutions.

Legal notice: All HTB machines are legally authorised practice environments. Never use techniques learned here against systems you do not own or lack explicit written permission to test. Unauthorised access is a criminal offence under the Computer Fraud and Abuse Act (US), Computer Misuse Act (UK), Criminal Code Act 1995 (AU), and equivalent laws worldwide.

Both platforms are excellent but serve different stages of your learning journey.

HackTheBox vs TryHackMe — Last verified: March 2026

HackTheBox
  • Difficulty: Medium to Hard — less hand-holding
  • Format: Machines + challenges + Academy
  • Best for: Building real pentest skills
  • Free tier: 2 active machines, Starting Point
  • Community: Competitive, ranking system
  • Career value: Respected by hiring managers
VS
TryHackMe
  • Difficulty: Easy to Medium — guided rooms
  • Format: Step-by-step rooms + learning paths
  • Best for: Complete beginners learning fundamentals
  • Free tier: Many free rooms available
  • Community: Supportive, learning-focused
  • Career value: Good for showing initiative
Verdict: Start with TryHackMe to build fundamentals, then graduate to HackTheBox to sharpen your skills.

Recommended path: Complete TryHackMe’s Pre-Security and Complete Beginner paths first. When you can finish TryHackMe medium-difficulty rooms without hints, you are ready for HTB.

Create your account at hackthebox.com. The free tier includes Starting Point machines and two active machines. Choose a professional username — your HTB profile is public.

Connect via VPN. Unlike TryHackMe’s browser-based AttackBox, HTB requires a VPN connection:

# Connect to the HackTheBox VPN
sudo openvpn --config ~/Downloads/lab_username.ovpn
# Verify connection — look for a 10.10.x.x address
ip addr show tun0
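
The same verification as a scripted pre-flight check, so that no scan starts while the tunnel is down. This is an added example, not part of the original guide; the function names and the sample `ip` output are constructed for illustration, and the 10.10.x.x pattern is the one the guide gives.

```shell
#!/usr/bin/env bash
# Added example: confirm the lab VPN tunnel is up before running any scan.

# Constructed samples of `ip -o -4 addr show` output (not captured from a real host).
SAMPLE_UP='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.50/24 brd 192.168.1.255 scope global eth0
4: tun0    inet 10.10.14.23/23 scope global tun0'
SAMPLE_DOWN='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.50/24 brd 192.168.1.255 scope global eth0'

# Reads `ip -o -4 addr show` output on stdin. Prints the IPv4 address of the
# interface named in $1 (default tun0) when it is a 10.10.x.x address.
# Returns 1 when the interface is missing or holds some other address.
lab_tunnel_addr() {
    awk -v iface="${1:-tun0}" '
        $2 == iface && $3 == "inet" {
            split($4, cidr, "/")              # drop the prefix length
            if (cidr[1] ~ /^10\.10\.[0-9]+\.[0-9]+$/) {
                print cidr[1]; found = 1; exit
            }
        }
        END { exit !found }
    '
}

# Runs the check against the live system (assumes iproute2's `ip` is installed).
check_lab_vpn() {
    if addr="$(ip -o -4 addr show 2>/dev/null | lab_tunnel_addr tun0)"; then
        echo "tunnel up, lab address: $addr"
    else
        echo "tun0 has no 10.10.x.x address: stop, the VPN is not connected" >&2
        return 1
    fi
}
```

Call `check_lab_vpn` after starting OpenVPN; a non-zero exit status means the tunnel is not up.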

Alternative: Pwnbox. HTB offers a browser-based Parrot OS instance, though using your own Kali Linux builds stronger skills.

Start with Starting Point — HTB’s guided introductory machines covering VPN setup, Nmap scanning, service enumeration, and flag submission. Complete these before attempting regular active machines.

Every HTB machine follows a consistent methodology:

Your First HackTheBox Machine

Step-by-step approach for beginners

  • Step 1: Connect (download VPN config; connect via OpenVPN)
  • Step 2: Enumerate (Nmap scan; service detection)
  • Step 3: Research (identify services; check for exploits)
  • Step 4: Exploit (gain initial access; get user flag)
  • Step 5: Escalate (privilege escalation; get root flag)
  • Step 6: Document (write notes; submit flags)

The most common beginner mistake is rushing to exploit before enumerating thoroughly. A thorough scan reveals the attack path; a rushed scan leaves you guessing.

What Is the Difference Between Free and VIP?

| Feature | Free | VIP ($14/month) | VIP+ ($18/month) |
|---|---|---|---|
| Active machines | 2 at a time | All active machines | All active machines |
| Retired machines | None | Full library + writeups | Full library + writeups |
| Starting Point | Full access | Full access | Full access |
| Pwnbox | Limited hours | Extended hours | Extended hours |
| Servers | Shared | Shared | Dedicated |

Start free. Upgrade to VIP when you exhaust Starting Point and want retired machines with writeups — the best learning resource on the platform. Student discounts available.

Pricing verified March 2026. Check hackthebox.com for current information.

HTB Academy provides structured modules with reading material, hands-on exercises, and completion certificates. Tiers include Free (introductory modules), Student (discounted intermediate access), and VIP (full access including Active Directory and exploit development).

Topics include Linux/Windows fundamentals, network scanning, web attacks (SQLi, XSS, SSRF), privilege escalation, AD exploitation, and incident handling. Certificates map to PenTest+, eJPT, and OSCP objectives.

Which Machines Should Beginners Start With?

| Machine | Difficulty | What You Learn |
|---|---|---|
| Meow | Very Easy | Basic connectivity, Telnet enumeration |
| Fawn | Very Easy | FTP enumeration and anonymous login |
| Dancing | Very Easy | SMB enumeration and share access |
| Redeemer | Very Easy | Redis enumeration and database interaction |
| Explosion | Very Easy | RDP and credential-based access |
| Preignition | Very Easy | Web directory enumeration, default credentials |

After Starting Point, move to Easy-rated active machines. Focus on Linux machines first — they reinforce foundational command-line skills. When you upgrade to VIP, retired Easy machines with writeups become your best learning tool.

  • Enumeration and reconnaissance — port scanning, service detection, information gathering
  • Exploitation techniques — leveraging CVEs, misconfigurations, weak credentials
  • Privilege escalation — Linux (SUID, cron, kernel exploits) and Windows (tokens, service misconfigs)
  • Web application testing — SQL injection, XSS, SSRF, authentication bypass
  • Active Directory attacks (advanced) — Kerberoasting, pass-the-hash, BloodHound

These skills align with CompTIA PenTest+ (PT0-002) and OSCP certification objectives.

Take detailed notes for every machine. Record commands, output, and decisions in a consistent format. These notes become portfolio evidence and interview preparation.

Struggle before looking at hints. Spend at least 30 minutes trying different approaches before checking forums. The struggle is where real learning happens.

Use HTB forums for nudges, not solutions. Hints point you in the right direction without spoiling the machine.

Build a repeatable methodology. Connectivity, port scan, enumeration, research, exploitation, escalation, documentation. Refine with every machine.

Track progress on your profile. Your HTB rank and completed machines are shareable proof of practical skills.

  • SOC analyst roles: Combine HTB with TryHackMe defensive rooms
  • Penetration testing: Progress through Easy and Medium machines, then attempt HTB Pro Labs
  • General readiness: Build a home lab alongside HTB for unrestricted practice

Individual results vary. HackTheBox is one part of a broader strategy including certifications, portfolios, and networking.



Frequently Asked Questions

Is HackTheBox good for complete beginners?

Starting Point machines are beginner-friendly with guided instructions. However, regular HTB machines assume foundational Linux and networking knowledge. If you are a complete beginner, start with TryHackMe first and move to HackTheBox when you can complete medium-difficulty rooms without hints.

Is HackTheBox free?

HackTheBox has a free tier with Starting Point machines and 2 active machines. VIP costs approximately $14 USD per month and unlocks all active machines, retired machines with writeups, and extended Pwnbox hours. Student discounts are available.

Do I need Kali Linux for HackTheBox?

You need a machine with penetration testing tools. Kali Linux or Parrot OS are the most common choices. HTB also offers Pwnbox (browser-based), but connecting from your own VM builds more practical skills.

How long does it take to complete a HackTheBox machine?

Starting Point machines take 15-45 minutes. Easy active machines take 2-6 hours for beginners. Medium machines can take 4-12 hours. Speed improves as you develop a repeatable methodology.

What is the difference between HackTheBox and TryHackMe?

TryHackMe provides guided rooms for beginners. HackTheBox offers challenge-based machines with minimal guidance for intermediate users. Most career changers benefit from using both -- TryHackMe first, then HackTheBox.

Can I put HackTheBox on my resume?

Yes. Include your HTB profile link and mention your rank, machines completed, and any Pro Labs finished. Hiring managers for security roles recognise HackTheBox as strong evidence of practical skill.

What is HTB Academy?

HTB Academy offers structured modules with reading material and hands-on exercises, covering topics from Linux fundamentals to Active Directory attacks. Modules award completion certificates that map to PenTest+, eJPT, and OSCP objectives.

Should I pay for HackTheBox VIP?

Start free. Upgrade to VIP when you exhaust Starting Point and want retired machines with official writeups. At $14 per month, VIP is worthwhile if you practice at least 5 hours per week.