You must try this platform!

What's going on guys, c'est Zack et bienvenue dans cette leçon dans laquelle on va parler d'une autre plateforme de test d'intrusion et de hacking éthique.

This is a platform that can really make a difference in your journey as a penetration tester.

In a previous lesson, we talked about TryHackMe.

We saw how to create an account, how to choose course rooms (rooms), CTFs, etc., and I encouraged you to do as many as possible.

Today, we are interested in Hack The Box Academy.

What is remarkable about Hack The Box Academy is that it is a true academy, structured like an online school to train you on both theory and practice.

As a reminder, we had already mentioned the main Hack The Box platform.

This one is primarily oriented towards CTFs and pure practice.

We will see together how the Hack The Box ecosystem works, whether the main CTF platform or Hack The Box Academy.

If you go to `hackthebox.com`, you will arrive at their historic platform.

It is one of the most famous CTF environments in the world, bringing together a huge community of enthusiasts and security professionals.

You will find hacking labs (Hacking Labs), complex realistic networks to audit (ProLabs), Battlegrounds-type competitions, as well as a career space (InfoSec Careers).

Hack The Box is a complete and very diverse platform.

It also offers forums, local meetings (Meetups) organized in many countries to train together, and offers highly respected professional certifications on the market.

In addition, the platform integrates a job opportunities space (Job Opportunities) where you can apply directly to partner companies like TikTok or others, for positions of defensive content creator, pentester (Penetration Tester) or Red Team operator.

Most of these positions are currently based in the United States (New York, Los Angeles, Washington D.C.), but there are also regularly opportunities in other countries like France or Canada.

The "Battlegrounds" tab offers multiplayer CTFs in real time.

This is excellent preparation for real audits.

But what interests us today is Hack The Box Academy, accessible via `academy.hackthebox.com`.

If you are starting in pentest, this is an excellent way to acquire theoretical and practical knowledge progressively.

The only potential drawback is that, just like TryHackMe, the Academy is entirely in English.

If you are not comfortable, you can use automatic translation extensions (such as Google Translate) in your browser to translate courses into French.

But I advise you to make the effort to read in English, as it is the essential language of the field.

On Hack The Box Academy, courses are structured by modules.

Each module includes several lessons, combining a theoretical course and practical exercises to carry out on dedicated virtual machines launched in the cloud.

Upon your free registration, the platform offers you about 100 cubes (the site's virtual currency) which allow you to unlock your first modules.

Modules are classified by levels (Tiers).

Tier 0 is for absolute beginners.

We find general introductions, Linux or Windows fundamentals, basic web application operations, a course on Metasploit, an introduction to Active Directory (which is one of the best I have read), or network traffic analysis.

Once Tier 0 is completed, you move to Tier 1.

This is where you will find more advanced modules like network enumeration with Nmap, learning Bash scripting, using shells and payloads (Shells & Payloads), or password cracking (Password Cracking).

These are fairly dense modules that I have personally completed.

By progressing, you will unlock the following Tiers (Tier 2, Tier 3, etc.) addressing more complex topics, such as Kerberos attacks (Kerberoasting, AS-REP Roasting), to finish with Tier 4 intended for confirmed pentesters.

The more you climb in level, the more cubes the modules require to be unlocked (from 10 to 50 cubes for Tier 0, and more for higher levels).

To keep progressing, you will have to buy cubes (for example, 1000 cubes for 100 dollars, or 50 cubes for 5 dollars), or subscribe to an annual subscription.

The annual subscription of 490 dollars gives unlimited access to all modules up to Tier 2, as well as discounts on Hack The Box certifications.

There is also a very interesting student rate at 8 dollars per month.

Personally, I prefer to buy cubes occasionally according to my needs to unlock the modules that interest me.

Hack The Box Academy offers excellent and highly valued professional certifications, such as the "Certified Penetration Testing Specialist" (HTB CPTS) or the "Certified Bug Bounty Hunter" (HTB CBBH).

These exams generally last 24 hours in real conditions and require auditing a complex infrastructure and writing a professional report.

To give you an example of the quality of the courses, let's take the "Linux Fundamentals" module.

The course is very progressive, written in a simple way by experts, and ends with practical questions to validate your learning.

In the "Working with Files and Directories" chapter, for example, you can launch an attack machine directly by clicking on the activation button in the interface, or connect via the platform's VPN using OpenVPN, just like on TryHackMe.

By correctly answering the questions at the end of each section, you also earn back a few cubes.

In conclusion, I invite you to test TryHackMe and Hack The Box Academy for free to compare the two platforms and choose the one that best fits your learning style and budget.

Focus your efforts on a single platform at the beginning to progress effectively.

We'll meet in the next lesson.

Peace.