Serial winners Rik van Duijn and Wesley Neelen don’t spend much time preparing for Hâck the Hague and partly attribute their successes to luck. Although the chance of getting lucky is not transferable, the serial winners do want to share several tips to increase your chances of success. These tips include things such as undivided focus, working in a structured manner and documenting your activities. It's all aimed at enabling you to do as much as possible in the shortest period of time.
Are you participating in HTH on your own, these tips might help:
- Make sure you come with a laptop that is fully up to date, including latest versions of all the tools you might need and make sure you have everything at your fingertips.
- Especially in large settings like HTH, it’s imperative that you maintain an overview of the entire playing field at all times and don’t dive into the details too soon. Avoid being the victim of tunnel vision at all costs. This requires some level of self-discipline but eventually will pay out in better hacks.
- Properly document what you do to prevent wasting time on searching information that you know you've encountered before, especially later on in the process. For example, tools like Burp Suite help to automatically create an overview of all websites that you have visited during your investigations.
- Spend enough time on finding real hacks. Focus on one thing at a time instead of constantly fluttering from one thing to another. It can be hard to be patient and stay with the same thing for a while, but that considerably increases your chances of finding vulnerabilities that really stand out.
If you are attending HTH as part of a team (max. two people), pay attention to the following: - Make sure you smartly distribute activities and focus between yourselves. By dividing tasks you also prevent working on similar things without knowing (remember: ‘great minds think alike”😉)
- Don’t forget to actively use one another as sparring partner – Two heads are better than one!
- Document what you do and come across in one single document. Apart from the advantage mentioned earlier, that it will help you find information quicker, there’s another thing. What might be an unimportant detail for you, can be a good starting point or clue for your partner.
Want to refresh your skills? Visit www.certifiedsecure.com to run through relevant levels. Another place where you can find plenty of training materials to help you prepare is Hack the Box Academy.
And last but not least: enthusiasm and simply having fun in hacking is the most important ingredient for success!
