HTB Blog > Blue Teaming
All the latest news and insights about cybersecurity from Hack The Box. Hacking trends, insights, interviews, stories, and much more.
- How Active Directory (AD) attacks have evolved—and what that means for blue teamers on July 2, 2025 at 11:32 am
Explore 25 years of Active Directory attacks—from PtH to ransomware—and learn how defenders can harden networks, stop lateral movement, and prepare with hands-on training.
- LLMNR poisoning attack detection on June 13, 2025 at 10:31 am
Learn how to detect LLMNR poisoning attacks in part three of a special five-part series on critical Active Directory (AD) attack detections & misconfigurations.
- Meet global cyber skills standards with the new HTB Defense Operations Analyst certificate program on June 12, 2025 at 2:59 pm
ANAB‑accredited, threat‑informed coursework that prepares cyber defenders for DoD 8140 roles and competencies, delivering verifiable skills in just 15 weeks.
- How to use SmartScreen logs to find evidence of execution and user activity analysis on February 27, 2025 at 3:24 am
CyberJunkie walks us through a new detection technique he uncovered using Windows SmartScreen Debug Event Logs. Follow this step-by-step guide to see how it works.
- Memory dump analysis with Signal decryption on December 20, 2024 at 11:07 am
A deep-dive into Signal’s move to safeStorage API and how an HTB forensic content engineer creates a CTF Challenge.
- New Sherlocks updates: Academy recommendations, CPE credits (and more!) on December 2, 2024 at 5:36 pm
Ready for a more rewarding dive into your blue team investigations? Well, we have made new updates to Sherlocks that will give you momentum and a bonus to time well spent.
- Malware analysis for beginners (step-by-step) on September 18, 2024 at 10:21 am
Get familiar with industry-standard tools and methodologies to identify, understand, and detect malware threats.
- 5 Active Directory misconfigurations (& how they’re exploited) on September 11, 2024 at 12:36 pm
Audit your AD environment for misconfigurations (and attacks) that can lead to severe consequences when exploited by malicious actors.
- NTDS dumping attack detection on August 29, 2024 at 10:22 am
Learn how to detect NTDS dumping attacks in issue five of a special series on critical Active Directory (AD) attack detections & misconfigurations.
- Essential SOC analyst tools (+ insights from real blue teamers) on August 20, 2024 at 11:01 am
How to get good at these fundamental SOC tools and their related skills.