HackTheBox - Cybernetics Review

2 minute read

Making the most out of lockdown in the UK, I decided to enroll in the new Hack The Box pro lab, Cybernetics.


This was my first experience with the pro labs from Hack The Box, I’d only heard great things about Rastalabs and Offshore so I thought I’d give Cybernetics a bash and see what happens.


The Description and Rules tabs on the Cybernetics page presents a minature debrief of the labs and RoE:

Cybernetics LLC have enlisted the services of your firm to perform a red team assessment on their environment. Your objective is to establish a foothold, pivot through the internal environment, and acquire domain administrator privileges in all domains.

Cybernetics is an immersive Active Directory environment that has gone through various pentest engagements in the past. As a result, the environment features current operating systems, with the latest patches and system hardening configuration applied. Can you break through?

Participants will be exposed to the following:

  • Web application attacks
  • Active Directory enumeration and exploitation
  • Kerberos abuse
  • Phishing
  • Privilege escalation
  • Lateral movement
  • Evading endpoint protections

Lab Structure

The lab contains 21 machines, 4 domains, 18 flags, and is comprised of various different operating systems, services, and web applications. The end goal being to acquire DA privileges in each of the domains whilst fighting your way through to that last DC.


In all honesty I thought the labs were amazing. I learnt a ton and had the opportunity to practice different attack vectors I knew the ‘theory’ of but hadn’t had the oppportunity to play with in a real world simulated environment.

There’s also a nice progression to the lab with each machine/flag having something new to offer. The endpoint protections were up-to-date, the attack vectors were modern, and the lab had an extremely realistic feel to it with no CTF elements whatsoever.


If you don’t have any Active Directory experience I’d recommend taking the Attacking and Defending Active Directory course on PentesterAcademy, do the endgames, and complete the AD based machines on Hack The Box. I’ve listed a few of them below:

  • Active
  • Sizzle
  • Reel
  • Multimaster
  • Forest
  • Sauna
  • Montreverde
  • Cascade
  • Resolute
  • Mantis

It’s worth mentioning however that a single machine is no comparison to the environment of a real Active Directory network. This tweet from ippsec sums up the difference quite nicely:

Final Words

Upon completing the labs you’re presented with a PDF certificate, a nice touch from the HTB team. This is a fantastic lab and I have to give a huge shoutout to Hack The Box, and especially to lkys37en who presented us with this amazing challenge.