TryHackMe VS HackTheBox - Which One Is Better For YOU in 2023-2024 - InfoSec Pat

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey what's up everyone welcome back to another video yes I got sunburn over the weekend so don't make fun of my red face I went out on a boat and I look like this like a lobster what can I say fun is fun right so in today's video I get this question a lot what is the difference between hack the box and try hack me and which one should you start with so stay to the end learn what my opinion is and please subscribe please like please share we're almost at 50,000 once we get there we're going to be doing a good big giveaway so let's get into the video and have some [Music] fun all right folks so like I get this question a lot right hack the box or try hack me and there's other platforms like vulnhub for Swagger a whole bunch of other things but I'm just going to focus on these two today so again ignore my uh burnt face I didn't realize how red I was until I took a shower yesterday after the boat and I was like damn and my back is even worse yes I fry like a lobster but anyhow so in my recommendation I would always start out with try hack me if you're an intermediate expert level obviously go into hack the Box we'll get into that in a minute but if you need more handholding more babysitting this is awesome right so say for example we want to go to learn we don't know what to learn right there's so many different categories that we can practice we can learn red teaming intro to cyber security say you're brand new to the field this is you can learn the the core uh you know I don't even know what this is the uh the core skills required to even start your career in cyber security right learn the difference between you know different topics and applications or whatever and then we can go down we can learn about Junior pen testing pre-security you know I checked some of these out just to see what's what's up uh cyber defense attacking and defending against AWS this looks pretty cool I might do this at certain uh at some point but it's just time right and hack uh sock level one I think I did some videos on this complete beginner and so on and so forth you can guys can get the gist right and if you keep going down we have modules say for example you don't know what Metasploit is this is a C2 framework right that's built into Cali Linux uh you want to just want to click in here for an example and you want to go ahead and get the introduction of Metasploit uh guys all right then you start the machine and then you can go go down and learn some metlo stuff and auxiliaries and post and exploits and all the fun stuff that metlo has to offer let's go back let's go back one more and you get the gist and once you have the fundamentals and you want to learn how to do maybe a capture the flag then we can go ahead and go to practice go all the way up we can say for an example Mr Robot right Mr Robot CTF so there is a walk through here from dockstar and I never did this box on try hackme I and the one that I did on Mr Robot was pulled from uh vul Hub I did that even before I had a membership with hack the box and try hack me so yeah so yeah so you can just pretty much walk through here this is going to get you connected to the VPN and then hack this machine so there's three keys there's not much you know you can hit the hint say this room need you know I guess you have to join the room let's just join the room for an example and then all right who guys all right let's go back down here and let's go ahead and just go back here and let's look at the hint now robots so maybe it's like the robots.txt I don't know I'm just guessing right I don't have the box up and then we can go to here there's something fishy about the word list why is it so long so you got the gist it gives you that walk through that gives you that handholding just in case you have no idea what you're doing so now we can go to search I'm just going to like do a little navigation around here so say for example we can search you know free only because say for example you have no subscription right you're you're a new person you don't have the money to pay for it or if you do you get the subscription and you get more more access say for example you want to go through walkthroughs I don't know let's just do most popular right right and then we can see some of the stuff that we have here and the haveit of cyber 2021 2022 I did both of those and I can't wait till next month to do 2023 and you guys can get the gist there 23 Pages I'm not going to bore you clicking through pages but now let's go through like for example ctfs right capture the flags we have basic and let me go through the basic penetration testing right so this is with John on and you know I did do it so like for example you start the machine you know you can get some hints like funny the service that's exploited by this machine use nmap you know see blah blah blah and just go to next so say for example what is the name of the Hidden directory on the web server you know let's hit the hint use dur Searcher dirbuster you can go use Go Go Buster it's pretty much much go ahead and Brute Force the directories that reside on that web server or against that web server and you'll find for example deployment so on and so forth so you get the gist right it's just like very very handholding so you know I like this I like this if you're learning a new topic so let's transfer now to hack the box right I have it up here I'm logged in there's some really cool things let me Zoom this in a little bit right so say for example you have a starting point you're total new I'm just going to you know pretend that you're totally new at this and these very easy machines right so you can go down here it's similar to like the the the handh holding I actually never did these so I can't speak on them so I'm sure you just recommended you connect to your your pone spone boach or you connect to the VPN and once you're connected to the VPN you can spone the Box up you can spin it up and then what is the acronym for VM stand for you know virtual machine I assume and then you just go down the merry way right you just keep going down and until you're done all right so that's the starting point let's go back a home and look it has a new certification so these are pretty cool things that you can uh that you can learn right there's challenges there's machines for example you can go to the machines this is your typical right like you just go to your machines you can see the active machines right now right so these are all the active machines and you can sort by like level where is that sort by oh right here sort by for example uh difficulty easy for example you want to look at all the easys first and or all the easys you know alone and you can see all the easys you can see the mediums and and so on and so forth hard and then you can sort it by uh user difficulty here we go that's what I wanted to do so then you can see okay once this loads you can see okay you know hard and let's see if we can uh we can't rotate this so easy the ones the easiest ones are on the on the top okay so you guys get the gist and then you can go to retired machines right so these are everything that are that retired there's like 23 Pages maybe maybe even more okay and what's also cool about hack the Box you have tracks right what is a track let me make this a little larger it's a selection of machines collected tied together into you know for you for you to practice on a specific topic like mastering a particular subject for an example let's go down here and let's just see beginner track right this an example so you have lame this is a really easy machine find the the easy pass weak RSA Jerry blah blah blah I did all the machines so I guess I get the credit for that okay so you can go back and say for example I wanted to do there was a blue uh not blue T this one to Dante so I'm going to be doing Dante with a few with a few people and um you know you can go into here and I guess do these this is the intro so let me uh let's go to academy I believe it's in is it an academy I don't know if my password will work for this let me see no uh let's go ahead and go to Advanced Labs I think it's on the advanced Labs prabs here we go so prolabs this Dante right so we have 27 Flags I don't know what this is let's see and I'm actually going to do this with a few with a few buddies so we have 14 machines it's 14 machines and then 27 flags and it's intermediate level level two pen tester and this is going to test to see how how my pen testing skills are you know as you guys know like I enjoy doing this but I don't do it every day right it's not my day-to-day thing and I'm going to be completely honest I don't do it I do it sometimes you know like some sometimes I have to get into it but you know sometimes there's a lot of defensive stuff blue teaming stuff red teaming stuff but it's not like every day that I'm just pentesting all day every day so this is this would be pretty cool and who is this for right a junior pentester you know blah blah blah blah blah and yeah you get you get the gist right so that that'll be pretty cool and then what else what else can we go over challenges you have different challenges and uh you know for example Hardware you have Hardware challenges debug interfaces blah blah blah and let me bring this back up okay and then you guys get the you guys get the the gist of this right where we're trying to get at so yeah this is pretty much hack the box so this is more like intermediate like going going into after you're done with try hack me you can jump into hack the box and then you can also do like Pro I think it's Pro P test Labs I think I think that's it oh pentester lab right so then you have this one as well well and then you have vul Hub right as well these are just vulnerable machines that you can download and set up in your own environment so yeah this is but obviously today was Focus was on my opinion and my recommendation for try hackme verse hack the box I have a relationship with both of them I love both of them and I don't have me personally I don't have one favorite the other it's just a recommendation that I would recommend try hack me starting out as a beginner and getting into hack the Box later because for an example if if you're going to go for a machine for an example and you want to spin up uh once this shows Once the machines show up I I'll give you an example let's just go course we're talking about easy what about keepa right so keepa is a you know easy machine so let's see if uh G you any I guess you can't activity can we see anything uh just pretty much the machine I didn't know like if it was a web app I know it's Linux easy and so on and so forth but you guys get the gist pretty much this just gives you an IP address you have to connect to your vpns and then start doing your recon information gathering on that IP address you guys probably seen a whole bunch of videos of mine doing walkthroughs and stuff like that on hack the box but yeah those would be my recommendations to start out with and uh if you have any questions please leave it in the description below or in the comments below and I will get it you know I'll get to you guys as quickly as possible and be you know be on the lookout for some new content that I'm creating on VMware if you're ever interested or anyone's interested in VMware training I'm going to be putting videos out on that I know this is about infosec but that's you know more about virtualization and server stuff and and some other cool stuff that I'm you know working on in the Pipelines so thank you so much for viewing and until next time have an awesome [Music] day

Info

Channel: InfoSec Pat

Views: 7,791

Rating: undefined out of 5

Keywords: tryhackme vs hackthebox vs pentesterlab, tryhackme vs hackthebox academy, tryhackme vs hackthebox for beginners, kali linux tutorial, kali linux hacking tutorials, CTF, how to learn hacking, hack pentesting, pentesting, how to pentest, how to, how to hack, tryhackme hackthebox, cybersecurity, hacker, cyber, security, hacking, oscp, learn hacking, learn cybersecurity, cyber certifications, web application hacking, ethical hacking, penetration testing, hackthebox, tryhackme, pnpt cert, ceh

Id: CvGiBc7eeLA

Channel Id: undefined

Length: 14min 11sec (851 seconds)

Published: Tue Nov 14 2023