Kyser Clark

Choosing Your Cyber Dojo: A Deep Dive into Hack The Box vs TryHackMe



Hack The Box (HTB) and TryHackMe (THM) are two of the industry's most popular and best cybersecurity training platforms. As someone who has pwned 42 HTB machines and completed 216 THM rooms at the time of this writing, I often get asked about the differences between these two platforms. I will give you all the information you need about these prolific gamified platforms in this article.


Summary

Hack The Box (HTB) and TryHackMe (THM) are both valuable platforms for cybersecurity training, each with its own strengths and differences. Here's a concise summary of their key points:


Hack The Box (HTB):

  • Comprises three websites: Main Application, Academy, and Capture the Flags (CTFs).

  • Main Application offers intentionally vulnerable machines, challenges, seasons, and advanced labs.

  • HTB Academy provides learning modules categorized by tier and certifications.

  • Offers certifications: CPTS, CBBH, and CDSA.

  • CTFs include events and a marketplace for training cybersecurity teams.

  • Pricing options range from free to various subscription levels.

  • Provides structured and advanced content.

  • Requires multiple subscriptions to access all content.

  • Emphasizes strict copyright policies and has a respected leaderboard.

TryHackMe (THM):

  • Hosts all content on a single website.

  • Offers Learn, Practice, and Compete rooms.

  • Content includes walkthroughs, practice rooms with no guidance, and King of The Hill competitions.

  • Offers free and premium subscriptions, with a student discount available.

  • Provides a beginner-friendly environment.

  • Lacks advanced topics and certifications.

  • Contains user-created rooms with some inconsistencies.

  • Content is more accessible and affordable.

Comparing HTB and THM:

Similarities:

  • Both platforms build real-life cybersecurity skills.

  • Offer offensive and defensive security content.

  • Gamified with badges, certificates, and leveling.

  • Beginner-friendly modules/rooms available.

Differences:

  • HTB offers more structured and advanced content.

  • HTB has a rigorous approval process for user-submitted content.

  • HTB offers certifications, while THM does not.

  • HTB enforces stricter copyright policies.

  • THM provides more content for a single subscription.

  • HTB is better suited for experienced practitioners, while THM is more beginner-friendly.

Conclusion and Recommendations:

For newcomers to cybersecurity, starting with TryHackMe is recommended due to its affordability and beginner-friendly content. As you gain experience, transitioning to Hack The Box can offer more advanced challenges and certifications. Both platforms have their merits, so the choice depends on your skill level and preferences.



Overview of Hack The Box

HTB is broken up into three separate websites, which means you have to have an account for each of these:

  1. Main Application (app.hackthebox.com)

  2. HTB Academy (academy.hackthebox.com)

  3. Capture the Flags (CTFs) (ctf.hackthebox.com)


Main Application

The main application has many components to it:


  • Machines: Intentionally vulnerable machines at various difficulty levels ranging from easy to insane. There are active machines and retired machines. Pwning active machines gives you score after completion and contributes to your overall leaderboard ranking. Active machines are not allowed to have publicly accessible walkthroughs of any kind. On the other hand, retired machines are permitted to have publicly accessible walkthroughs, but pwning them does not contribute to your leaderboard rankings and overall HTB rank and score. As machines go from active to retired status, you will lose score/rank. To maintain your score/rank, you must keep pwning the active machines as they come out. Note: sometimes, machines are released instantly into retired status and never become an active machine.

  • Seasons: The competitive aspect of machines. When a new active machine is released, it is active for seasons for only one week. After the first week, it is no longer active in seasonal status (but is still an active machine for the general platform). This means you must pwn the machine within its first week of release to gain seasonal points. After the end of the season, which typically lasts about three months, players win prizes depending on how many points they accumulated and their overall seasonal leaderboard ranking.

  • Starting Point: Very easy machines for beginners to learn the basics of penetration testing. Very easy machines are never active machines and do not appear in Seasons. They also do not contribute to your HTB score/rank or total pwn count.

  • Challenges: Similar to machines. The only difference is that they are much shorter in length, and they are categorized by challenge type, such as "Crypto," "GamePwn," or "Forensics." They also contribute to your overall HTB score/rank. Challenges do not appear in Seasons at the time of this writing.

  • Sherlocks: Similar to machines, but they are for blue teamers (defensive security) rather than red teamers (offensive security). They are investigative challenges to test defensive security skills by diving into the aftermath of a targeted cyber attack. The goal is to unravel the dynamics behind the attack based on the knowledge provided. I'm unsure if Sherlocks affect your overall score/rank; however, they do not appear in Seasons at this time.

  • Advanced Labs: Consists of three modes.

    • Fortresses: Fully customizable vulnerable labs that any company can host in HTB.

    • Endgames: Advanced labs simulating real-world infrastructure and exploit scenarios, with multiple hosts and various attack paths. Players must hold the "Guru rank" to play the active Endgame labs.

    • Battlegrounds: A competitive mode where players compete head-to-head in the same lab environment. Note: This is inactive as there are 0 players in the lobby queues every time I check.

  • Job Board: Companies can post job openings here. Players must reach a certain rank to be able to apply to various jobs. From my perspective, this job board isn't very good. It's pretty inactive, and not many companies are utilizing it.

  • Pro Labs: Interactive hacking training in realistic corporate environments. These are hard challenges that consist of many machines. Pro Labs must be purchased separately and are not included with a base HTB subscription.


Overall, the Main Application is used to test players' abilities and to keep their skills sharp. Even the "Very Easy" machines on Starting Point do not provide much guidance on how to do them or teach you the skills required to complete them. The main application isn't a learning platform. To learn, you have to go to HTB Academy.


HTB Academy

The academy consists of various learning modules, from Fundamental to Hard. They can also be categorized from Tier 0 to Tier IV. There are offensive and defensive modules for both red and blue teamers.


All learners have access to the Tier 0 modules for free. Upon completion, learners earn "cubes," which can be spent on the modules that are not free. In general, the higher the tier, the higher the cost of the module. Eventually, learners must purchase cubes or a subscription to access the higher-level tiers.


HTB Academy also offers three certifications:


  • HTB Certified Penetration Testing Specialist (CPTS) is a highly hands-on certification that assesses the candidates' penetration testing skills. HTB Certified Penetration Testing Specialist certification holders will possess technical competency in the ethical hacking and penetration testing domains at an intermediate level. They will also be able to assess the risk at which an infrastructure is exposed and compose a commercial-grade as well as actionable report.


  • HTB Certified Bug Bounty Hunter (CBBH) is a highly hands-on certification that assesses the candidates' bug bounty hunting and web application pentesting skills. HTB Certified Bug Bounty Hunter certification holders will possess technical competency in the bug bounty hunting and web application penetration testing domains at an intermediate level. They will also be able to assess the risk at which a web application, service, or API is exposed and compose a commercial-grade as well as actionable report.


  • HTB Certified Defensive Security Analyst (CDSA) is a highly hands-on certification that assesses the candidates' security analysis, SOC operations, and incident handling skills. HTB Certified Defensive Security Analyst (HTB CDSA) certification holders will possess technical competency in the security analysis, SOC operations, and incident handling domains at an intermediate level. They will be able to spot security incidents and identify avenues of detection that may not be immediately apparent from simply looking at the available data. They will also excel at thinking outside the box, correlating disparate pieces of data, pivoting relentlessly to determine the maximum impact of an incident, and creating actionable security incident reports.


Each certification has a corresponding learning path for learners to follow. These learning paths consist of the modules necessary to complete the exam. Learners must complete the learning path in full before they are allowed to attempt the exam.


Capture The Flags (CTFs)

The CTF section of HTB is broken up into two categories:


  • Events: Open to everyone to compete and play.

  • Marketplace: CTFs that are made to train cybersecurity teams. These must be purchased. The target audience seems to be businesses rather than individuals for these.


Pricing, Memberships, and Subscriptions

Main Application

  • Free

    • $0

      • 20 Active Machines

      • 80+ Active Challenges

      • 2h Pwnbox Trial

      • Unlimited Machine Resets

      • 3 Endgames

  • VIP

    • $14/month

    • $135/year

      • 190+ VIP Retired Machines

      • 110+ Retired Challenges

      • 24h Pwnbox per Month

      • Guided Mode

      • Isolated VIP Servers

      • CPE Credit Submission

  • VIP+

    • $20/month

    • $203/year

      • All features in VIP

      • Personal Machine Instances

      • Unlimited Pwnbox

  • Business

    • Contact sales for pricing

      • For organizations

      • 2 +1 exclusive CVE-based Machines every month

      • Admin dashboard & user management

      • Private environment & VPN server

      • Access to official writeups and walkthroughs

      • Seats rotation & flexibility

      • Unlimited certification exam attempts

      • BlackSky: Cloud Labs access

      • Find, assess and hire top talent with HTB Talent Search

      • Dedicated Customer Success Manager

  • Pro Labs

    • $49/month

    • $490/year

HTB Academy

  • Free Account

    • $0

  • Silver Subscription

    • $18/month

      • Get started with Cyber Security

      • +200 cubes each month to unlock modules à la carte (11% discount)

      • + Unlimited Pwnbox usage

      • + CPE credits submission

    • $490/year (Annual Subscription)

      • Direct access to all modules up to (including) Tier II

      • Direct access to the entire Bug Bounty Hunter job role path

      • Direct access to the entire Penetration Tester job role path

      • Direct access to the entire SOC Analyst job role path

      • + Unlimited Pwnbox usage

      • + CPE credits submission

      • One exam voucher per year for HTB CBBH, HTB CPTS, or HTB CDSA (limited-time offer going on right now)

      • Lab exercise guidance via Discord

      • No waiting to unlock modules

      • Pay less than buying through cubes

      • Exam voucher switching (applies to unused exam vouchers)

  • Student Subscription

    • $8/month

      • For university and academic institution students

      • +0 cubes each month

      • + Unlimited Pwnbox usage

      • + CPE credits submission

  • Gold Subscription

    • $38/month

      • Advance in Cyber Security

      • +500 cubes each month to unlock modules à la carte (27% discount)

      • + Unlimited Pwnbox usage

      • + CPE credits submission

  • Platinum Subscription

    • $68/month

      • Master Cyber Security

      • +1000 cubes each month to unlock modules à la carte (36% discount)

      • + Unlimited Pwnbox usage

      • + CPE credits submission

  • Certification Exam Vouchers

    • $210 each

  • Cubes

    • 50 for $5.00

    • 100 for $10.00

    • 200 for $20.00

    • 500 for $50.00

    • 1000 for $100.00

    • 5000 for $500.00

  • Module Costs

    • Spend 10 cubes to unlock each Tier 0 module (except “Learning Process,” which is free)

      • You earn 10 cubes for completing each Tier 0 module

      • This essentially makes every Tier 0 module free

    • Spend 50 cubes to unlock each Tier I module (except “Security Incident Reporting,” which costs 10 cubes)

      • You earn 10 cubes for completing each Tier I module

    • Spend 100 cubes to unlock each Tier II module

      • You earn 20 cubes for completing each Tier II module

    • Spend 500 cubes to unlock each Tier III module

      • You earn 100 cubes for completing each Tier III module

    • Spend 1000 cubes to unlock each Tier IV module

      • You earn 200 cubes for completing each Tier IV module

Capture The Flags (CTFs)

  • Events

    • Free

  • Marketplace

    • Contact sales for pricing


Overview of TryHackMe

THM has one website that hosts all its content and one subscription grants access to everything. However, there are three components to THM.


  • Learn: Learn rooms are walkthroughs that teach you about various cybersecurity topics. These typically have reading and hands-on components, although not all rooms have hands-on components. There are learning paths that consist of multiple modules, where modules consist of multiple learning rooms. These learning rooms are great for learning cybersecurity fundamentals, vocabulary, tools, and techniques.

  • Practice: Practice rooms offer zero guidance. It’s up to you to figure out how to complete the tasks of the room. These are great to practice the skills you learned from the learning rooms.

  • Compete: This is a "King of The Hill" competition. Players are put into the same lab environment with up to 10 players and must hack into a machine. Once they hack into the machine, they must defend it from the other players. Whoever spends the most time controlling the machine at the end of the game (1 hour) is deemed the winner.


Pricing, Memberships, and Subscriptions

  • Free

    • $0

  • Premium

    • $14.00/month

    • $126.00/year

    • Students can get a 20% discount

  • Businesses

    • Contact sales for pricing


Comparing and Contrasting Hack the Box vs TryHackMe

After reading the overviews for both HTB and THM, it doesn’t take long to realize that Hack the Box is much more complicated to navigate than TryHackMe. But that doesn't mean THM is worse than HTB. Both platforms are excellent in their own way. They are just different.


Similarities

  • Both platforms will help you build serious real-life skills that cybersecurity employers are looking for. You can go from zero to hero in whatever specialization you seek. Both platforms have a ton of offensive and defensive security content. So whether you want to become a penetration tester, a cybersecurity analyst, a cybersecurity engineer, or any other cyber professional, each platform has you covered.

  • HTB Academy and THM are very similar to each other. HTB Academy modules and THM learning rooms teach you fundamental to advanced topics.

  • The main HTB application is very similar to the THM challenge rooms, where you will be challenged to hack into a machine or investigate a security incident without guidance.

  • Both platforms are heavily gamified and fun. You can earn badges/achievements, certificates of completion, and level up your profile as you complete the content on each platform.


Differences

  • At the time of writing, HTB Academy has 90 modules. The HTB main app has 365 machines, 490 challenges, 22 Sherlocks, 6 Pro Labs, 6 Fortresses, and 7 Endgames.

  • At the time of writing, THM has 782 rooms. Both platforms are consistently creating and adding new content.

  • In my opinion, HTB Academy is much more structured than THM. I believe this is because THM has many user-created rooms and doesn’t seem to have a robust editing process in place. There are many rooms with grammar errors, and it’s hard to read and understand the learning content at times. There is a lot of overlap between rooms, and multiple rooms cover the same content, which adds to the total number of rooms.

  • HTB will edit and add to a module before creating an entirely new module. Because of this, HTB Academy modules are longer and don’t overlap much between modules. This contributes to the lower number of modules as each module is unique.

  • HTB Academy and THM both offer beginner-friendly modules/rooms. However, HTB Academy has more advanced topics that THM doesn’t touch on. THM doesn’t offer anything that is super challenging. THM is beginner-friendly but doesn't offer much for experienced professionals.

  • The machines on the HTB main app are user-submitted. However, these have a very robust and strict approval process. So, in my opinion, the quality of HTB machines is far superior to a THM challenge room. Furthermore, a "Hard" room on THM is easier than an "Easy" machine on HTB. So, HTB is for more experienced cybersecurity practitioners compared to THM, which is more beginner-friendly.

  • HTB offers certifications, whereas THM does not provide certifications.

  • HTB takes their copyrights way more seriously. You won’t easily find a walkthrough/writeup of active HTB content. This contrasts with THM, where there are public writeups for just about every room. This means anyone can get the answer to THM tasks with a quick Google search, and people who complete HTB content for sure did not get the answers handed to them. For this reason, I respect the HTB leaderboards/rankings far more than the THM leaderboards/rankings.

  • The HTB multiverse offers more content overall. However, you must purchase multiple subscriptions to access everything they offer. In contrast, THM requires a single subscription to get access to everything. Overall, THM is a better "bang for your buck" as it provides more content for the price you pay.


Conclusion and Recommendations

I would recommend the path I took. I started with THM and used the platform every day for 1.5 years (putting in an hour every day; I have the 365-day streak badge). Once I completed all the learning paths, the platform became very boring, and I had to "graduate" to HTB.


So, if you are brand new to cybersecurity, start with THM, as you will spend less money to get your feet wet in the field. Once/if you are more experienced, you’ll want to log off THM and start doing the content on HTB.



Disclaimer:

All links to Hack The Box and Hack The Box Academy in this post are affiliate links. This means that if you make a purchase through these links, I may receive a commission at no additional cost to you.


Furthermore, all links to TryHackMe in this post are my referral links. Signing up to TryHackMe through my referral link saves you $5 on your subscription and also saves me $5 on my next subscription.


Your support through these purchases helps me continue providing valuable content. Thank you!
