Hack The Box – First Impressions
by Cyborg Knight
I started exploring the blue team training labs on Hack The Box (HTB), and here’s what I think so far.
🔍 Why I Picked HTB
- Known for red team/offensive content, but they’re now adding blue team modules
- Wanted to reinforce incident response and network detection skills
- Needed something more practical than multiple-choice certs
🧰 What I’ve Tried So Far
- Tier 0 Labs – MITRE-based basics with detection workflows
- Windows Logging & Analysis – hunting down suspicious activity via logs
- Packet Analysis – digging into traffic with Wireshark and Zeek
💡 What I Like
- Immediate feedback on flags (real CTF-style structure)
- Clear learning paths by topic (SIEM, forensics, packet analysis)
- Hands-on, not hand-holding
🤔 What Could Be Better
- Some walkthroughs are still in development
- If you’re brand new, the learning curve spikes quickly
- No centralized blue team dashboard or progress map (yet)
🔄 How I’m Using It
I’m using HTB as:
- A practical follow-up to theory-heavy certs like Google Cyber or SC-900
- A hands-on companion to my Proxmox lab stack
- A stepping stone to real-world detection engineering
🔚 Final Thoughts
HTB’s blue team content isn’t massive yet—but it’s focused and growing.
For someone building skills in SOC workflows, log analysis, and real detection?
Absolutely worth using.
Next up: feeding HTB logs into my own Security Onion instance and writing custom alerts.
tags: labs - blue-team - training - hackthebox