Hack The Box for Purple Teams

Hack The Box for Purple Teams is a cyber range and training platform designed to bridge red and blue team operations through collaborative, hands-on offensive and defensive exercises. The platform provides structured learning paths and live-fire ranges tailored to three primary roles: Purple Team Operators, Adversary Emulation Engineers, and Detection Engineers. Each role has access to training plans, dedicated cyber ranges, and team assessments. Training plans chain red team TTP courses with detection engineering labs, covering threat intel mapping, automated rule testing, and APT campaign emulation. Ranges simulate enterprise-scale networks where attacker actions generate live logs streamed into SIEM and XDR tools in real time. Team assessments benchmark both offensive exploitation and defensive detection efficacy, with post-event reports mapping to recommended upskilling programs. The platform supports threat emulation of real-world adversary groups (e.g., Scattered Spider, Salt Typhoon, Mustang Panda) using MITRE ATT&CK-aligned TTPs. It includes Atomic Red Team integration for attack simulation within ranges. Analytics features track individual and team metrics such as MTTD, alert precision, and investigation quality. Skill coverage heatmaps visualize proficiency against MITRE ATT&CK and NIST NICE frameworks. Progression data can be exported or connected to external LMS systems. The platform also offers content such as a Windows Attack & Defense range covering Active Directory attacks, APT-themed scenarios (e.g., HorsePanda/HorsePanda-D based on Mustang Panda), and beginner-level malware reversing assessments.