Hack The Box Academy has positioned itself as the structured learning arm of one of cybersecurity's most recognized brands. Unlike the main Hack The Box Labs platform that throws you into vulnerable machines with minimal guidance, Academy offers courses, modules, and certifications designed to teach you the fundamentals before you face real challenges.
But is HTB Academy worth your time and money in 2026? With so many cybersecurity training platforms competing for your attention, understanding exactly what Academy offers, what it costs, and who it serves best is essential before committing your budget.
📊 HTB Academy at a Glance
🎓 What is Hack The Box Academy?
Hack The Box Academy is an interactive, role-based cybersecurity training platform launched by Hack The Box to complement their main Labs product. While HTB Labs focuses on challenging vulnerable machines with minimal guidance, Academy takes a structured educational approach with courses, modules, and step-by-step learning paths.
Think of it as the classroom to HTB Labs' proving ground. Academy teaches you the concepts, tools, and techniques through guided content, then Labs lets you apply that knowledge against realistic targets.
HTB Academy vs HTB Labs: Quick Comparison
| Feature | HTB Academy | HTB Labs |
|---|---|---|
| Purpose | 📚 Learn concepts | 🎯 Practice skills |
| Format | Structured courses | Vulnerable machines |
| Guidance | Step-by-step | Minimal |
| Best for | Beginners learning | Testing existing skills |
| Subscription | Separate | Separate |
Important: HTB Labs and HTB Academy are separate products with separate subscriptions. Paying for one does not give you access to the other. Budget accordingly if you want both.
🛤️ Learning Paths and Content
Academy organizes content into modules and learning paths. Each module covers a specific topic with theoretical explanations, practical exercises, and interactive targets you can attack directly from your browser via Pwnbox.
Available Job Role Paths
🔴 Penetration Tester
Full offensive security path from recon to post-exploitation. Prepares for CPTS certification.
🟠 Bug Bounty Hunter
Web application security focus. Covers OWASP Top 10 and bug bounty methodology. Leads to CWES cert (formerly CBBH).
🔵 SOC Analyst
Defensive security path covering monitoring, detection, and incident response. Prepares for CDSA. See our SOC analyst career guide.
🟣 Red Team Operator
Advanced offensive techniques including evasion, C2, and Active Directory attacks.
🟢 Junior Cybersecurity Analyst
Entry-level path for complete beginners. Covers fundamentals and leads to CJCA certification. New in 2025.
📡 WiFi Penetration Tester
Wireless security focus. Covers WiFi attacks, WPA cracking, and rogue access points. New in 2025.
What Makes the Content Good
- Pwnbox integration Browser-based Kali environment with all tools pre-installed. No local VM setup, no compatibility issues. Just click and start hacking within seconds.
- Interactive targets Spawn vulnerable systems directly in modules. Read about SQL injection, then immediately exploit it against a live target. This tight feedback loop accelerates learning.
- Professional quality Content written by security practitioners who understand both the technical details and how to teach them. Explanations are clear without being condescending.
- Progressive difficulty Modules organized from Tier 0 (absolute beginner) through Tier IV (expert). Clear progression ensures you build skills in the right order.
Sample Modules You'll Encounter
To give you a sense of what you're getting, here are some popular modules across different paths:
- Linux Fundamentals
- Introduction to Networking
- Web Requests
- SQL Injection Fundamentals
- Cross-Site Scripting (XSS)
- File Inclusion
- Active Directory Enumeration
- Attacking Enterprise Networks
- Advanced Web Exploitation
💰 HTB Academy Pricing Breakdown
Here's where things get complicated. HTB Academy uses a "Cubes" virtual currency system alongside traditional subscriptions.
Understanding the Cubes System
🎲 How Cubes Work: Each module costs Cubes to unlock. You earn some free Cubes initially, then either buy more or subscribe. Different module tiers cost different amounts. This makes total costs hard to predict upfront.
Annual Plans (Recommended)
These are the access-based subscriptions that give you unlimited access to modules up to a certain tier. Much better value than monthly Cube plans. All prices exclude tax.
| Plan | Price/Year | Access Level | Includes |
|---|---|---|---|
| 🎓 Student | $96/yr | Tier I-II modules | Requires .edu email verification |
| 🥈 Silver Annual | $490/yr | Tier I-II modules | + Exam voucher (CWES/CPTS/CDSA) |
| 🥇 Gold Annual | $1,260/yr | Tier I-III modules | + Exam vouchers (CWEE/CWES/CPTS/CAPE/CDSA) |
Monthly Plans (Limited Value)
These are Cube-based subscriptions. You get a monthly allocation of Cubes to unlock modules, but they run out quickly. Most learners find these frustrating.
| Plan | Price | Cubes/Month | Reality Check |
|---|---|---|---|
| Silver Monthly | $18/mo | 200 cubes | ⚠️ Runs out after 2-3 modules |
| Gold Monthly | $38/mo | 500 cubes | ⚠️ Still limited for full paths |
| Platinum Monthly | $68/mo | 1,000 cubes | ⚠️ Better, but annual is cheaper |
Skip the monthly Cube plans. They look cheaper but the Cubes run out fast. Advanced modules cost 100-500+ Cubes each. For serious learning, the annual access-based plans are much better value.
Hidden cost warning: Even with subscriptions, you may run low on Cubes before completing a learning path. This pushes you to upgrade or buy more Cubes. Always calculate total Cubes needed for your target path before subscribing.
Real Cost Example: CPTS Certification Path
Let's calculate what it actually costs to get CPTS certified through HTB Academy:
- Silver Annual (Tier II access): $490/year - includes CPTS exam voucher
- OR Gold Annual (Tier III access): $1,260/year - includes multiple exam vouchers
- CPTS exam voucher (if buying separately): $210
- Potential retake: $210 additional if you don't pass first time
Total realistic cost: $490-$1,470+ depending on plan choice and whether you pass first attempt
This isn't necessarily bad value for a practical certification with real career benefits. But it's important to understand the true costs upfront rather than being surprised by Cubes running out or exam fees you didn't budget for.
🏆 HTB Academy Certifications
One of Academy's biggest selling points: practical certifications that test real skills, not multiple-choice memorization.
HTB CPTS
Certified Penetration Testing Specialist
Full pentest lifecycle. 10-day practical exam. ~$210 exam fee.
HTB CWES
Certified Web Exploitation Specialist
Web app security. Formerly CBBH. ~$210 exam fee.
HTB CDSA
Certified Defensive Security Analyst
Blue team focus. SOC analyst prep. ~$210 exam fee.
HTB CWEE
Certified Web Exploitation Expert
Advanced web security. ~$350 exam fee.
HTB CJCA
Certified Junior Cybersecurity Analyst
Entry-level defensive security. New in 2025.
HTB CAPE
Certified Active Directory Pentesting Expert
Advanced AD attacks. ~$350 exam fee.
HTB CPTS: Is It Worth It?
The HTB CPTS (Certified Penetration Testing Specialist) has become one of the most discussed entry-level penetration testing certifications. Here's what you need to know before committing.
CPTS tests the complete penetration testing lifecycle: external recon, internal network pivoting, Active Directory exploitation, web application attacks, privilege escalation, and professional report writing. Unlike the OSCP's 24-hour time pressure, CPTS gives you 10 days to work through a realistic multi-host environment, then another 10 days to submit your report.
Time investment: Plan for 3-6 months of focused preparation depending on your background. The Penetration Tester path contains 28+ modules covering everything from basic enumeration to advanced exploitation techniques. Someone with CTF experience will move faster, while complete beginners should expect the longer timeline.
CPTS vs OSCP: Both validate practical skills, but OSCP still carries more industry recognition. CPTS is newer, less expensive (~$700 total vs $1,599+ for OSCP), and has better training materials included. Many professionals pursue CPTS first to build skills affordably, then add OSCP later for the resume value. They complement rather than replace each other.
Career value: For entry-level pentester positions, CPTS demonstrates you can actually execute a full engagement, not just pass multiple-choice questions. Combined with a portfolio of CTF write-ups and lab completions, it's a strong differentiator when competing against candidates with only theoretical certifications.
How the Exams Work
HTB exams are fully practical: you attack real systems over multiple days, then submit a professional penetration testing report documenting your findings. This mirrors real-world work far better than traditional certification exams.
For CPTS, you get 10 days to complete the practical portion and an additional 10 days to submit your report. The exam simulates a real penetration testing engagement where you must compromise multiple systems, chain exploits together, and document everything as you would for an actual client.
This format separates HTB certifications from purely multiple-choice exams like CEH. You can't pass by memorizing dumps or guessing. Employers increasingly value this practical validation of skills over theoretical knowledge.
Which Certification Should You Pursue?
| Cert | Focus | Best For | Difficulty |
|---|---|---|---|
| CPTS | Full pentest lifecycle | Aspiring pentesters | ⭐⭐⭐⭐ Hard |
| CWES | Web app security | Bug bounty hunters | ⭐⭐⭐ Moderate |
| CDSA | Blue team defense | SOC analysts | ⭐⭐⭐ Moderate |
| CWEE | Advanced web exploitation | Senior web security | ⭐⭐⭐⭐⭐ Very Hard |
| CJCA | Entry-level blue team | Career changers, beginners | ⭐⭐ Easy |
| CAPE | Active Directory attacks | AD-focused pentesters | ⭐⭐⭐⭐⭐ Very Hard |
Industry recognition: HTB certifications are gaining traction but aren't yet as recognized as OSCP. They're excellent for entry-level differentiation and complement established certs for senior roles.
✅ Pros and Cons
👍 The Good
- Excellent content quality - Written by real practitioners
- Pwnbox included - No local setup required
- Practical certifications - Real skills, not memorization
- Structured paths - Always know what to learn next
- Active community - Discord support when stuck
👎 The Bad
- Confusing pricing - Cubes system obscures true costs
- Separate from Labs - Two subscriptions needed
- Cubes run out - May need upgrades mid-path
- Exam fees extra - $210-$350 on top of subscription
- Some dated content - Older modules need updates
🎯 Who Should Use HTB Academy?
✅ Great Fit If You...
- Are a student with .edu access ($96/yr is great value)
- Need structured learning before tackling HTB machines
- Want HTB-specific certifications (CPTS, CWES, CDSA)
- Prefer reading over video tutorials
- Are comfortable with complex pricing
❌ Not Ideal If You...
- Want predictable, simple pricing
- Need learning AND practice in one subscription
- Prefer video-based learning
- Already know fundamentals and just need practice
- Have a tight budget without student discount
💡 Reality check: If you're a beginner with limited budget, the Cubes system plus separate Labs subscription adds up fast. Calculate your full expected costs including all modules in your target path plus certification exam fees.
🔄 Better Alternatives to Consider
HackerDNA - Unified Learning + Practice
What HTB splits into Academy and Labs, HackerDNA combines in one platform. Get structured courses alongside 100+ hands-on labs for one subscription price.
Other Options
- TryHackMe Maximum hand-holding. Great for absolute beginners, but can create dependency. See our full comparison.
- OffSec Premium OSCP training. Expensive but comprehensive. Best if OSCP is your specific goal.
Our recommendation: For most learners in 2026, HackerDNA provides better value than HTB Academy with simpler pricing, unified platform, and expert hints when stuck. Try it before committing to HTB's fragmented ecosystem.
🚀 Getting Started with HTB Academy
If you decide HTB Academy is right for you, here's the smart way to start:
- Create a free account Sign up at academy.hackthebox.com. You receive 30 free Cubes on signup, enough to complete several Tier 0 modules. Use existing HTB credentials if you have them.
- Complete free modules first Try Linux Fundamentals, Intro to Networking, and Intro to Web Requests. Get a feel for the teaching style before paying.
- Calculate your path costs Add up Cubes needed for your target certification path. Factor in exam fees. Compare against flat-rate alternatives.
- Choose the right subscription Students: get the $96/yr Student plan. Others: Silver or Gold annual plans provide better value than monthly Cube subscriptions.
- Join the community HTB Discord and forums help when stuck. Don't share answers, but nudges are fair game. Consider joining CTF competitions to practice skills in a competitive environment.
Pro tip: Don't rush modules just to complete them. Security skills need time to internalize. Plan 3-6 months minimum for any certification path with consistent daily or weekly study time.
📈 Maximizing Your HTB Academy Experience
If you commit to HTB Academy, these strategies will help you extract maximum value from the platform and accelerate your learning.
📝 Take Active Notes
Don't just read passively. Document every command, technique, and concept. Create your own cheat sheets. Active note-taking dramatically improves retention and builds resources you'll reference throughout your career.
🔄 Practice Beyond Modules
When you complete a module, don't stop there. Find additional challenges using the same techniques. If you learned SQL injection in Academy, practice on other platforms to reinforce the skill in different contexts.
📄 Document Everything
Write detailed notes on every challenge. This builds documentation skills essential for professional security work and creates a portfolio demonstrating your abilities to potential employers.
⏰ Set Realistic Timelines
Don't rush through content just to complete it. Security skills require time to internalize. Most certification paths take 3-6 months of consistent study. Plan accordingly and avoid burnout.
Combining Academy with HTB Labs
If your budget permits both subscriptions, use them together strategically. The workflow that works best:
- Learn the concept in Academy Complete the theoretical content and guided exercises.
- Practice on Labs machines Find machines that use similar techniques and exploit them independently.
- Read writeups after solving Compare your approach to others. Learn alternative methods.
- Document your methodology Build your personal playbook of techniques that work.
This combination accelerates skill development significantly, but doubles your costs. Consider whether simpler all-in-one platforms might serve you better before committing to both products.
⚖️ Legal and Ethical Considerations
Critical reminder: Only practice hacking techniques on systems you own or have explicit written authorization to test. Unauthorized access is illegal regardless of intent, and can result in serious criminal penalties.
- Use legal practice environments - HTB Academy, HackerDNA Labs, and similar platforms exist specifically for safe, legal learning. These provide controlled environments where you can practice without legal risk.
- Never test without permission - "Practicing" on random websites or networks is illegal, not resourceful. Even with good intentions, unauthorized access can result in criminal charges and career-ending consequences.
- Report vulnerabilities responsibly - If you discover real vulnerabilities during authorized testing, follow responsible disclosure practices. Never exploit, publicize, or demand payment for bugs you find.
- Respect other learners - Don't share flags, spoil challenges, or undermine others' learning experiences. The security community is small, and reputation matters.
- Build reputation through integrity - Ethical behavior opens doors throughout your career. Misconduct follows you and can permanently damage your professional prospects.
🎯 Final Verdict: Is HTB Academy Worth It?
HTB Academy offers quality content and practical certifications. For students with the $96/yr plan, it's excellent value. For those pursuing HTB-specific certifications, it's the only path.
But for everyone else, the Cubes system and fragmented product structure creates unnecessary friction. Simpler alternatives exist.
Our pick for most learners: Try HackerDNA first for unified courses and labs with transparent pricing. If you specifically need HTB certifications, then Academy is worth the complexity.