Very few "Active" Windows boxes

I’m pretty new to HTB, CTFs, and pentesting in general, so please forgive me if this question is dumb.

Looking at the “Active” (non-retired) easy/medium boxes, there are a grand total of 0 Windows boxes right now. Is this the norm? Does it simply reflect what is to be expected in real-world pentesting scenarios? I honestly do not know.

I was thinking, especially with the recent changes to OSCP where an Active Directory environment is 40% of your score, that there would be more Windows boxes available. Even if they weren’t full AD environments, some AD-adjacent technologies (SMB, PowerShell, etc.) would be relevant and useful, I’d expect.

I realize that there are many retired Windows boxes and I have been working through them. I’m just curious to know what the mix of “Active” machines usually looks like in this regard. Are we instead meant to tackle things like the Pro Labs for AD experience?

Is there shortage of Windows box creators?

Let me know what you think.


Windows boxes are indeed less frequent. You should go for Pro labs if you want full AD experience.

I myself wanted to make a new Windows box but it’s kind of very hard, researching for a misconfiguration which can be little different from previous boxes, realistic and give players to learn something new.

So, there is as such no shortage but it’s very time consuming to make a good windows box which meets the expectation.