Hack The Box

Next Steps

Now that we have finished this module, we should be ready to start working on our next steps on Hack The Box and build our penetration testings skills and information security portfolio. Let us discuss some of the following steps we can follow.

Boxes & Challenges

Having completed one easy box as part of this module, we should be ready to start laying out more ambitious goals.

Root a Retired Easy Box

Choose a retired box rated Easy and root the box by following the provided writeup included with the VIP membership needed to access retired boxes.

Tip: Try to watch a video walkthrough of the box, and then try to replicate what you learned without following the video step-by-step. In case you get stuck, you can refer to the walkthrough again.

Complete a Retired Medium Box

Once we root one or several Easy boxes, try to up the level by completing a Medium box, which will probably require additional knowledge that is usually not required for Easy boxes.

  • Root Our First Live Box

Once we have completed 5-10 Easy/Medium retired boxes, you should be able to complete your first Easy box without following a full walkthrough. Try to pick an Easy Box with difficulty ratings at level 1-3 out of 10. If we get stuck, we can always get help from the channels previously discussed.

ur first live box may be the most difficult, as we are entirely dependant on ourselves for the first time without referring to walkthroughs or writeups. This is an excellent indication that we are learning. Once we finish our first live box, try to complete other live boxes and other Medium/Hard live boxes.

Keep Learning

Although doing boxes and following writeups is an excellent way of learning, we may find many difficult topic areas in boxes and challenges. This may mean that we may leave certain essential aspects in penetration testing uncompleted if we only depend on boxes and walkthroughs for learning. This is why it is essential to keep working through other Academy Modules in areas we feel we need to improve upon until we feel strong enough in each topic area.

Furthermore, individual boxes only focus on a single area of learning, so we will need to supplement our approach with guided learning, i.e., Academy Modules, to become a more well-rounded penetration tester or information security professional.

Tip: Try to build a list of modules you are interested in, and add them to your 'To-Do' list. Whenever you feel like improving yourself, go back to your 'To-Do' list and complete your next module.

Giving Back

We may likely have consulted the help channels as we were doing live boxes. Once we are finished with a box, try to go back to these channels and help others in need, just like others helped us. Everyone started at the bottom; paying it forward is a crucial part of our information security journey.

As previously discussed, getting involved in the community and helping others is an excellent way of giving back and improving our understanding and our profile at the same time.

Share a Retired Box Walkthrough

As we work on a specific box, we need to properly document our steps and commands to root the box thoroughly. This is not only useful for the future when we face similar vulnerabilities but is also a great way to start learning how to document and report our findings, which is a mandatory skillset for any pentester. Try to find our best-written walkthrough for a retired machine, add more to it to turn it into a full writeup, and then publish it for others to read.

Tip: It's best to publish a walkthrough for a recently retired box. So, try to prepare a writeup for a live box you have completed, and publish it once its retired.

Way Forward

After finishing all of the above, there are still many other checkboxes that we need to complete to keep learning, and Hack The Box is full of learning opportunities. Here are some ideas:

  • Root a Retired Easy Box
  • Root a Retired Medium Box
  • Root an Active Box
  • Complete an Easy Challenge
  • Share a Walkthrough of a Retired Box
  • Complete Offensive Academy Modules
  • Root Live Medium/Hard Boxes
  • Complete A Track
  • Win a Hack The Box Battlegrounds Battle
  • Complete A Pro Lab

Remember: The moment we stop learning, we stop growing.