A Quarter of HacktheBox

Back in August, I decided to challenge myself and take the CompTIA PenTest+ exam. It was something I always wanted to do and it was a way to help improve my vulnerability management skills. The test itself was a challenge and, like most CompTIA exams, it involved a lot of memorization. I used a combination of Dion Training and TryHackMe to get through the exam. I did find the exam valuable, but what it lacks is any practical portion. It's great on methodology and learning the process, but you won't know how to pentest afterwards. You will know the tooling, the overall business process, the tactics, and the why, but not the how.

Now, I do have an active TryHackMe account which I have used to great effect in learning defender skills. It also helped me improve my Linux experience, got me introduced to Splunk, and their new certification has me intrigued. But something I always wanted to learn was that how: how does someone compromise a network and move through it? What are the methods and tactics? TryHackMe is a great platform and I will recommend it to anyone who wants to get into cyber security, but the platform that specializes in penetration testing is, without a doubt, HacktheBox.

Full disclosure: I intended to do this after my CISSP as a reward to myself for slogging through that exam. However, life got in the way and I had to work on more important skill sets. Last year I started looking at what in cyber security piqued my interest, looking at threat hunting and analysis, and finally settling on overall vulnerability management. This is what I do in my current day-to-day job, working with small and medium businesses to help them with the current threat landscape. This involves setting up security measures, helping with training, and developing policy. But I still felt like I was lacking that practical experience, and it was time for a change. From the last time I tried HTB-Academy, I still had credits, and the cost for a lab account isn't bad.

Starting Out

When I decided to first get back into HacktheBox, I started with the labs. The reason for this was that, back when I first decided to give it a go, I didn't find Academy that good (more on that later). The labs jump you right into retrieving flags and compromising systems. Their Starting Point path is really good. You probably won't get into any of the boxes without following the write-up, but the step-by-step nature of it was really good. It still gives you a sense of accomplishment and also, in me, kind of erased any self-doubt about whether I could actually do this. Worst case, I learn what tactics and vulnerabilities exist out there. All I can say is, web developers really need to sit down and go through this. You pop a lot of boxes just by exploiting the back ends, getting a shell, and then escalating from there. Both Windows and Linux boxes have their quirks, with LOLBAS and GTFOBins being essential. Once I got through Starting Point I started down their Red Team path, but I realized that I was just following the write-ups. Again, they are good and you will learn, but I wanted a little more. I had been finding myself jumping back to TryHackMe to go over specific tools like Metasploit and John the Ripper. After a few labs, I decided to head into the Academy and do their Penetration Tester path.

Back into the Fray

So when I had first done HacktheBox Academy, my intent was to use it for CPE credits with ISC2. But my initial findings and experience with HTB-Academy were "This sucks". And if you are coming off TryHackMe, it truly does. TryHackMe does an amazing job of explaining and walking you through the questions and labs. HTB-Academy will show you what to do, but it is up to you to figure it out. They suck because they will challenge you, and if you are starting out fresh they will be full of pain.

Also, their answer entry is picky. Very picky, as in "if you have a space at the end, it's wrong" picky.

So you may ask, what has changed? Well, in the two-and-a-half-year time frame, my skills have just gotten better. I have spent a lot of time on TryHackMe, also diving more and more into the terminal on my Linux systems. Really, if I were to develop a training plan for someone to get into cyber security, I'd say start with TryHackMe and get good with the Linux terminal. Daily drive it. And if you want to do penetration testing, it's a full-on terminal fun fest. You really need to know how to manage multiple applications and multiple terminal sessions, and just be in the terminal. If you look at some of my previous posts and my GitHub, I have spent time learning tmux. Just being able to split windows, have multiple windows, and jump around without a mouse has made my life easier. I can't count the number of times I've been in Metasploit and gone, "man, what is my IP?" So I would just split the window, type ip a, and get what I needed. Also, there were times I'd have a Python HTTP server, my OpenVPN connection, Netcat, and Nmap all running. Moving around in the terminal efficiently is a required skill. I almost hate Burp Suite because it forces me out of the terminal (though I have seen inklings of a TUI copy).

Impressions

Overall, my time spent in HacktheBox in Quarter 1 has been fun. I have learned new skills, seen how penetration testing is done, and gone over privilege escalation. I hope to continue learning on the platform over the next quarter, though I may have to shift to a certification required for work. Time will tell on that one. I set myself two certification goals for this year and I am somewhat on track at the moment. I hope to actually do the CPTS exam along with one other. The big thing is keeping to my schedule, which has slipped over the last few weeks due to some work and personal obligations. I also understand it is a hard exam, but I am up for the challenge. Over the next few days I will create a new GitHub repo and start dumping my notes in there, despite them being a chaotic mess. Hopefully they can help others move forward in case I am unable to.

With that, everyone have a good Quarter 2, and hopefully you got your rocks done for Quarter 1.

73’s

Written on April 6, 2025
Copyright 2025 Zac Treadwell. All Rights Reserved