Hack The Box – Forensics Challenges Overview

Hack The Box is a fantastic free (mostly) resource for anyone wanting to improve their offensive security skills. I’ve had an account for years, but since I moved away from offensive work to full-time DFIR, I haven’t paid much attention to it. Until, that is, I was pointed at their section of forensics challenges.

Rather than requiring you to log in to a lab environment via VPN, the forensics challenges are standalone downloads of artefacts, each with a single flag to discover. Points are awarded based on the complexity of each scenario while the challenge is active. Every so often a new challenge is added, and an active challenge is retired. No points are awarded for retired challenges, although they are still available to play for those with a Hack The Box VIP subscription.

Due to the distinction between active and retired challenges, I am publishing Hack The Box write-ups slightly differently from my usual CTF write-ups. Write-ups for active challenges will be published, but password-protected. The password for each write-up is the Hack The Box flag associated with the challenge. Once a challenge is retired, I will remove the password protection and the write-up will be open to view by everyone.

I realise this might seem strange given all my other write-ups are open, but Hack The Box have a rule prohibiting spoilers for active challenges.

Besides, even if the write-up is password-protected it is often helpful to read other approaches to solving the same problem.

Active Challenges (password-protected)

Retired Challenges

